Slashdot Mirror

Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am in the morning, because their IP address had been associated with the publication of child porn on notorious 4chan porn. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, a software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other.Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore. "I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces."Technologist Seth Schoen, and EFF Executive Director Cindy Cohn in a white paper aimed at courts and cops. "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."

Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am in the morning, because their IP address had been associated with the publication of child porn on notorious 4chan porn. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, a software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other.Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore. "I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces."Technologist Seth Schoen, and EFF Executive Director Cindy Cohn in a white paper aimed at courts and cops. "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."

Coinciding with the launch of Oliver Stone's movie Snowden in select theaters this week, a coalition of civil rights groups are launching a campaign to convince President Obama to pardon NSA whistleblower Edward Snowden. Fusion reports: The effort, which is organized by the ACLU, Amnesty International, and Human Rights Watch, will gather signatures from regular people and endorsements from celebrities. Snowden will speak by video link from Moscow at a press conference on Wednesday morning in New York, and an initial list of "prominent legal scholars, policy experts, human rights leaders, technologists and former government officials" in support of the cause will be released, according to a statement from the campaign. A presidential pardon would mean that Snowden could come home from Moscow, where he's lived for the past three years, without the fear of being prosecuted. He currently faces federal charges of violating the Espionage Act and stealing government property, even though his disclosures led to reform of the wiretapping program by Congress. Many Snowden supporters are hoping the movie Snowden, which opens in U.S. theaters on Friday, will spur support for a pardon. "I think the value of the movie is that it's lsikely to reach millions of people who have not been paying close attention to Snowden or to the debate about surveillance and privacy," Snowden's layer at the ACLU, Ben Wizner, told Fusion. "Those people will emerge from the movie more educated about surveillance and with more positive attitudes toward Snowden."

The acquisition of Jet.com by Walmart for $3 billion in cash appears to have made the founder of IdeaDash an "accidental millionaire." Fortune reports: "Martin, who is the founder of a startup called IdeaDash, won Jet.com's nationwide marketing competition -- Jet Insider -- in early 2015. The contest offered a reward of 100,000 shares of Jet stock to the contestant who got the most people to sign up for 6-month free trial 'insider' memberships to the membership shopping site, a sort of online Costco or Sam's Club. According to his company's website, Martin took first place out of the 350,000 people who participated, getting over 8,000 people to sign up. Martin spent $18,000 on online ads, Bloomberg reports, and now has a stake in Jet that is reportedly worth millions. Although Martin told Bloomberg that he is not sure exactly what his stake is worth, Fusion reported in February 2015 that his piece could be valued between $10 million and $20 million."

In a world where thermostats, and smart locks can be hacked, and companies covertly record information, why should sex toys remain unaffected. Fusion is reporting that the We-Vibe 4 Plus, a popular vibrator sends a range of intimate data to its manufacturer. The sex toy uses a smartphone app, which lets a use control the vibration among other things. From the report: When the device is in use, the We-Vibe 4 Plus uses its internet connectivity to regularly send information back to its manufacturer, Standard Innovations Corporation. It sends the device's temperature every minute, and lets the manufacturer know each time a user changes the device's vibration level. The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes. This was revealed on Friday at hacker conference Defcon in Las Vegas by two security researchers, who wish to be called only by their handles @gOldfisk and @rancidbacon. The two examined the app's code and the information being sent by the device over Bluetooth. In a statement sent by email, Standard Innovation Corporation's president Frank Ferrari confirmed that the company collects this information. [...]

How long would it take an airplane to fly around the world without using any fuel? About 22 days of actual air time, according to Fusion. Solar Impulse 2, an aircraft which is powered by solar energy, left Egypt on Sunday on the last leg of the first ever-fuel free flight around the world. The team behind it tweeted a few minutes ago that they have completed 91% of the final, last, conclusive flight. Reuters reports: Solar Impulse 2, a spindly single-seat plane, took off from Cairo in darkness en route to Abu Dhabi, its final destination, with a flight expected to take between 48 and 72 hours. The plane, which began its journey in Abu Dhabi in March 2015, has been piloted in turns by Swiss aviators Andre Borschberg and Bertrand Piccard in a campaign to build support for clean energy technologies. "The round the world flight ends in Abu Dhabi, but not the project," Piccard told Reuters a few days before takeoff. Solar Impulse flies without a drop of fuel, its four engines powered solely by energy collected from more than 17,000 solar cells in its wings. It relies on solar energy collected during the day and stored in batteries for electrical energy to fly at night. The carbon fiber plane, with a wingspan exceeding that of a Boeing 747 and the weight of a family car can climb to about 8,500 meters (28,000 feet) and cruise at 55-100 kph (34-62 mph).

An anonymous reader quotes a report from The Verge: Police in Michigan have a new tool for unlocking phones: 3D printing. According to a new report from Flash Forward creator Rose Eveleth, law enforcement officers approached professors at the University of Michigan earlier this year to reproduce a murder victim's fingerprint from a prerecorded scan. Once created, the 3D model would be used to create a false fingerprint, which could be used to unlock the phone. Because the investigation is ongoing, details are limited, and it's unclear whether the technique will be successful. Still, it's similar to techniques researchers have used in the past to re-create working fingerprint molds from scanned images, often in coordination with law enforcement. This may be the first confirmed case of police using the technique to unlock a phone in an active investigation. Apple has recently changed the way iOS manages fingerprint logins. You are now required to input an additional passcode if your phone hasn't been touched for eight hours and the passcode hasn't been entered in the past six days.

Ethan Chiel, writing for Fusion: Artist Dennis Cooper has a big problem on his hands: Most of his artwork from the past 14 years just disappeared. It's gone because it was kept entirely on his blog, which the experimental author and artist has maintained on the Google-owned platform Blogger since 2002 (Google bought the service in 2003). At the end of June, Cooper says he discovered he could no longer access his Blogger account and that his blog had been taken offline. Along with his blog, Google disabled Cooper's email address, through which most of his correspondence was conducted, he told me via Facebook message. He got no communication from Google about why it decided to kill his email address and blog. Cooper used the blog to post his fiction, research, and visual art, and as Artforum explains, it was also "a platform through which he engaged almost daily with a community of followers and fellow artists." His latest GIF novel (as the term suggests, a novel constructed with animated GIFs) was also mostly saved to the blog.WayBackMachine has some of the pages from his blog, but they are only screenshots. Google Cache is also of not much help. Slashdot readers, just out of curiosity, is there anything -- any service -- Mr. Cooper could use to get his artwork back?

Fusion's Kashmir Hill is reporting about a five-foot-tall, white, egg-shaped robot that one can find at the company's inspection lot near Mission Bay in San Francisco. The K5 robot is a stand-in for a human security guard, and it sports multiple high-definition cameras for 360-degree vision, a thermal camera, a laser rangefinder, a weather sensor, a license-plate recognition camera, four microphones, and person recognition capabilities. The report adds:If someone suspicious comes into the lot, or starts messing with a car, the robot can't tase them or break out any weapons. Instead the robot can set off an alarm, send a signal to human security personnel, and record everything that person does to be used against them later by police. Customers of Knightscope, the company that manufactures the aforementioned robot don't buy the machines. They rent them, usually two at a time, so one can charge its battery while the other patrols. The cost is $7 an hour. "For the cost of a single-shift security guard, you get a machine that will patrol for 24 hours a day 7 days a week," said Stephens, citing wages of $25 to $35 hour for a human security guard.

Fusion's Kashmir Hill is reporting about a five-foot-tall, white, egg-shaped robot that one can find at the company's inspection lot near Mission Bay in San Francisco. The K5 robot is a stand-in for a human security guard, and it sports multiple high-definition cameras for 360-degree vision, a thermal camera, a laser rangefinder, a weather sensor, a license-plate recognition camera, four microphones, and person recognition capabilities. The report adds:If someone suspicious comes into the lot, or starts messing with a car, the robot can't tase them or break out any weapons. Instead the robot can set off an alarm, send a signal to human security personnel, and record everything that person does to be used against them later by police. Customers of Knightscope, the company that manufactures the aforementioned robot don't buy the machines. They rent them, usually two at a time, so one can charge its battery while the other patrols. The cost is $7 an hour. "For the cost of a single-shift security guard, you get a machine that will patrol for 24 hours a day 7 days a week," said Stephens, citing wages of $25 to $35 hour for a human security guard.

Kristen V. Brown, reporting for Fusion:It is well-trod territory at this point that biases against women's technological abilities hold women in technology back. Study after study has shown bias persists at every point of the employment process. So the start-up interviewing.io decided to try and do something about it. It masked women's voices to sound like men's and vice versa during online interviews to see if interviewers would like them better. It was inspired to do the experiment because it was seeing some alarming data. Interviewing.io is a platform that allows people to practice technical interviewing anonymously and, hopefully, get a job in the process. After amassing data from thousands of technical interviews, the company noticed a troubling trend, writes founder Aline Lerner in a blog post: "Men were getting advanced to the next round 1.4 times more often than women. Interviewee technical score wasn't faring that well either -- men on the platform had an average technical score of 3 out of 4, as compared to a 2.5 out of 4 for women."

Fusion's Kashmir Hill is reporting that Facebook is using your phone's location to suggest new friends. It's unclear exactly when the social juggernaut began doing this, but a number of instances suggest it only started recently. From the report:Last week, I met a man who suspected Facebook had tracked his location to figure out who he was meeting with. He was a dad who had recently attended a gathering for suicidal teens. The next morning, he told me, he opened Facebook to find that one of the anonymous parents at the gathering popped up as a "person you may know." [...] "People You May Know are people on Facebook that you might know," a Facebook spokesperson said. "We show you people based on mutual friends, work and education information, networks you're part of, contacts you've imported and many other factors." One of those factors is smartphone location. A Facebook spokesperson said though that shared location alone would not result in a friend suggestion, saying that the two parents must have had something else in common, such as overlapping networks.While this feature could be useful in some cases, many may -- and they should -- see it as a big invasion of their privacy -- Hill has succinctly explained a number of them.

Fusion's Kashmir Hill is reporting that Facebook is using your phone's location to suggest new friends. It's unclear exactly when the social juggernaut began doing this, but a number of instances suggest it only started recently. From the report:Last week, I met a man who suspected Facebook had tracked his location to figure out who he was meeting with. He was a dad who had recently attended a gathering for suicidal teens. The next morning, he told me, he opened Facebook to find that one of the anonymous parents at the gathering popped up as a "person you may know." [...] "People You May Know are people on Facebook that you might know," a Facebook spokesperson said. "We show you people based on mutual friends, work and education information, networks you're part of, contacts you've imported and many other factors." One of those factors is smartphone location. A Facebook spokesperson said though that shared location alone would not result in a friend suggestion, saying that the two parents must have had something else in common, such as overlapping networks.While this feature could be useful in some cases, many may -- and they should -- see it as a big invasion of their privacy -- Hill has succinctly explained a number of them.

On June 6, Kabir Alli, an 18-year old in Virginia, posted a brief video of himself running a couple of quick Google image searches. First he searched for "three black teenagers" and was met with several rows of decontextualized mugshots. Then he searched for "three white teenagers" and was served up stock photos of relaxed teens hanging out in front of various plain white backgrounds. The tweet has stirred controversy, with many people accusing Google of being racist. But is that the case? Alli says that while it's Google's fault in some sense as they should have better control over the things people see, he also believes that at the end of the day, what Google shows us is a reflection of what people think. A Google spokesperson had similar things to say. Our image search results are a reflection of content from across the web, including the frequency with which types of images appear and the way they're described online. This means that sometimes unpleasant portrayals of sensitive subject matter online can affect what image search results appear for a given query. These results don't reflect Google's own opinions or beliefs -- as a company, we strongly value a diversity of perspectives, ideas and cultures.

An anonymous reader quotes a report from Fusion: Researchers at the University of California-Santa Barbara recently discovered a Waze vulnerability that allowed them to create thousands of "ghost drivers" that can monitor the drivers around them -- an exploit that could be used to track Waze users in real-time. Here's how the exploit works. Waze's servers communicate with phones using an SSL encrypted connection, a security precaution meant to ensure that Waze's computers are really talking to a Waze app on someone's smartphone. Zhao and his graduate students discovered they could intercept that communication by getting the phone to accept their own computer as a go-between in the connection. Once in between the phone and the Waze servers, they could reverse-engineer the Waze protocol, learning the language that the Waze app uses to talk to Waze's back-end app servers. With that knowledge in hand, the team was able to write a program that issued commands directly to Waze servers, allowing the researchers to populate the Waze system with thousands of "ghost cars" -- cars that could cause a fake traffic jam or, because Waze is a social app where drivers broadcast their locations, monitor all the drivers around them. You can read the full paper detailing the researchers' findings here. Is there a solution to not being tracked? Yes. If you're a Waze user, you can set the app to invisible mode. However, Waze turns off invisible mode every time you restart the app so beware.

An anonymous reader writes: Back in 2002, a company called MaxMind had an idea: Gather up as many unique computer or smartphone IP addresses as they can, match them to a map, and sell that data to advertisers. The problem is that MaxMind's tech has made life miserable for a handful of homes across the US -- especially one otherwise unnoteworthy northern Kansas farm. The farm's 82-year-old owner, Joyce Taylor, and her tenants have been subject to numerous FBI visits, IRS collectors, ambulances, threats, and the release of private information online. They've found people rummaging in the farm's barn and one person even left a broken toilet for some reason. People would even post her details online and encourage others to get in on the harassment, she said. The local sheriff even had to put a sign on her driveway, telling trespassers to stay away and contact him first if there are any questions. What's her mistake? MaxMind thought that if its tech couldn't tell where, exactly, in the United States, an IP address was located, it would instead return a default set of coordinates very near the geographic center of the country -- coordinates that happen to coincide with Taylor's front yard. The abuse began in 2011. A quick online search for the farm's address brings up pages of forum posts reporting the "scam farm."

Kashmir Hill reports at Fusion that DNA results from companies like 23andMe are being requested by law enforcement agencies, something that is likely to start happening more and more. From the article: Both Ancestry.com and 23andMe stipulate in their privacy policies that they will turn information over to law enforcement if served with a court order. 23andMe says it's received a couple of requests from both state law enforcement and the FBI, but that it has "successfully resisted them." ... Ancestry.com would not say specifically how many requests it's gotten from law enforcement. ... "On occasion when required by law to do so, and in this instance we were, we have cooperated with law enforcement and the courts to provide only the specific information requested but we don’t comment on the specifics of cases,” said a spokesperson. (Related Wired article here.)

An anonymous reader writes: Fusion has an op-ed where Ryan Calo, Assistant Professor of Law at the University of Washington, argues Google, Apple, and Microsoft pushing back against government surveillance may be our only real hope for privacy. He writes: "Both Google and Yahoo have announced that they are working on end-to-end encryption in email. Facebook established its service on a Tor hidden services site, so that users can access the social network without being monitored by those with access to network traffic. Outside of product design, Twitter, Facebook and Microsoft have sent their formidable legal teams to court to block or narrow requests for user information. Encryption tools have traditionally been unwieldy and difficult to use; massive companies turning their attention to better and simpler design, and use by default, could be a game changer. Privacy will no longer be accessible only to tech-savvy users, and it will mean that those who do use encryption will no longer stick out like sore thumbs, their rare use of hard-to-use tools making them a target."

schwit1 writes: A video that recently went viral shows a demonstration of a Volvo XC60's self-parking feature. It reverses itself, waits, and then confidently drives into a group of people at a non-negligible speed. (Two were hit, and while both were bruised, they were otherwise OK.) The situation was presumed to have resulted from a malfunction with the car — but the car might not have had the ability to recognize a human at all. A Volvo representative said the car was not equipped with the "Pedestrian detection" feature. That feature is sold as a separate package.

aurtherdent2000 sends word about a system designed to monitor drivers to determine when they're about to do something wrong. "I'm behind the wheel of the car of the future. It's a gray Toyota Camry, but it has a camera pointed at me from the corner of the windshield recording my every eye movement, a GPS tracker, an outside-facing camera and a speed logger. It sees everything I'm doing so it can predict what I'm going to do behind the wheel seconds before I do it. So when my eyes glance to the left, it could warn me there's a car between me and the exit I want to take. A future version of the software will know even more about me; the grad students developing what they’ve dubbed Brains4Cars plan to let drivers connect their fitness trackers to the car. If your health tracker 'knows' you haven’t gotten enough sleep, the car will be more alert to your nodding off."

theodp writes Two years ago, Politico caught Mark Zuckerberg's soon-to-be launched FWD.us PAC boasting how its wealthy tech exec backers would use their companies to 'control the avenues of distribution' for a political message in support of their efforts. Now, the NY Times is reporting that Facebook has been quietly holding talks with at least half a dozen media companies about hosting their content inside Facebook, citing a source who said the Times and Facebook are moving closer to a firm deal. Facebook declined to comment on specific discussions with publishers, but noted it had provided features to help publishers get better traction on Facebook, including tools unveiled in December that let them target their articles to specific groups of Facebook users. The new plan, notes the Times, is championed by Chris Cox, the top lieutenant to Facebook CEO Zuckerberg and a "major supporter" of FWD.us. Exploring Facebook's wooing of the media giants, the Christian Science Monitor asks if social media will control the future of news, citing concerns expressed by Fusion's Felix Salmon, who warns that as news sites sacrifice their brands to reach a wider audience, their incentives for accuracy and editorial judgment will disappear.

schwit1 writes Hertz has added a camera to many of its newer cars that uses the "NeverLost" navigational device. So why is Hertz creeping out customers with cameras it's not using? "Hertz added the camera as a feature of the NeverLost 6 in the event it was decided, in the future, to activate live agent connectivity to customers by video. In that plan the customer would have needed to turn on the camera by pushing a button (while stationary)," Hertz spokesperson Evelin Imperatrice explained. "The camera feature has not been launched, cannot be operated and we have no current plans to do so."

Presto Vivace writes with a reminder that it's not just Samsung TVs — lots of other gadgets are spying on you "But Samsung's televisions are far from the only seeing-and-listening devices coming into our lives. If we're going to freak out about a Samsung TV that listens in on our living rooms, we should also be panicking about a number of other emergent gadgets that capture voice and visual data in many of the same ways. .... Samsung's competitor, the LG Smart TV, has basically the same phrase about voice capture in its privacy policy: "Please be aware that if your spoken word includes personal or other sensitive information, such information will be among the Voice Information captured through your use of voice recognition features." It isn't just TVs, Microsoft's xBox Kinect, Amazon Echo, GM's Onstar, Chevrolet's MyLink and PDRs, Google's Waze, and Hello's Sense all have snooping capabilities. Welcome to the world of Stasi Tech.

An anonymous reader writes: In this time of advanced technology, our battle against aging isn't going well. Lifespan has been improved quite a bit through halting numerous diseases and improving nutrition, but medical science is struggling to slow the gradual wear and tear that builds up as we get older. Cutting edge treatment theories are all hellishly complex, so many men are turning to a solution that's been with us for 80 years: testosterone. Clinics are popping up around the U.S. that prescribe no actual medicine, but instead hand out testosterone and supplements. "In 2013, 14,000 kilograms of testosterone were sold in the United States. That might not sound like much, but a typical adult male has just 0.000000035 kilograms of testosterone floating around in his bloodstream. There is a lot of extra T in the hormonal composition of the country—and it only accounts for the legal sales."

John Hoberman, professor and author, calls this new medical model "client-centered libertarian medicine." He says, "Once upon a time, respectable society feared contamination by illegal and disreputable drugs that were consumed by social deviants. Now regulators are concerned about a growing demand for legal drugs that serve socially sanctioned goals such as productivity, physical attractiveness, and sexual viability. The 'threat' posed by such drugs originates in the very system of values that sanctions their use, and it is a paradox that has put regulators in an untenable position."

Freshly Exhumed writes: Growing income inequality was one of the top four issues at the 2015 World Economic Forum meeting in Davos, Switzerland, ranking alongside European adoption of quantitative easing and geopolitical concerns. Felix Salmon, senior editor at Fusion, said there was a consensus that global inequality is getting worse, fueling overriding pessimism at the gathering. The result, he said, could be that the next big revolution will be in regulation rather than innovation. With growing inequality and the civil unrest from Ferguson and the Occupy protests fresh in people's mind, the world's super rich are already preparing for the consequences. At a packed session, former hedge fund director Robert Johnson revealed that worried hedge fund managers were already planning their escapes. "I know hedge fund managers all over the world who are buying airstrips and farms in places like New Zealand because they think they need a getaway," he said. Looking at studies like NASA's HANDY and by KPMG, the UK Government Office of Science, and others, Dr Nafeez Ahmed, executive director of the Institute for Policy Research & Development, warns that the convergence of food, water and energy crises could create a "perfect storm" within about fifteen years.