Slashdot Mirror

theodp writes: Q. How is K-12 computer science like the Cold War? A. It could use a Sputnik moment, at least that's the gist of an op-ed penned by Senator Jerry Moran (R., KS) and Microsoft President Brad Smith. From the article: "In the wake of the Soviet Union's 1957 Sputnik launch, President Eisenhower confronted the reality that America's educational standards were holding back the country's opportunity to compete on a global technological scale. He responded and called for support of math and science, which resulted in the National Defense Education Act of 1958 and helped send the country to the moon by the end of the next decade. It also created the educational foundation for a new generation of technology, leadership and prosperity. Today we face a similar challenge as the United States competes with nations across the globe in the indispensable field of computer science. To be up to the task, we must do a better job preparing our students for tomorrow's jobs." Smith is also a Board member of tech-bankrolled Code.org, which invoked Sputnik in its 2014 Senate testimony ("learning computer science is this generation's Sputnik moment") as it called for "comprehensive immigration reform efforts that tie H-1B visa fees to a new STEM education fund [...] to support the teaching and learning of more computer science," nicely echoing Microsoft's National Talent Strategy. Tying the lack of K-12 CS education to the need for tech visas is a time-honored tradition of sorts for Microsoft and politicians. As early as 2004, Bill Gates argued that CS education needed its own Sputnik moment, a sentiment shared by Senator Hillary Clinton in 2007 as she and fellow Senators listened to Gates make the case for more H-1B visas as he lamented the lack of CS-savvy U.S. high school students.

An anonymous reader quotes a report from Washington Times: Internet legislation proposed Wednesday in the Senate would prohibit the U.S. government from relinquishing its role with respect to overseeing the web's domain name system, or DNS, unless explicitly authorized by Congress. The National Telecommunications and Information Administration (NTIA), a division of the Commerce Department, currently oversees control of the DNS, a virtual phonebook of sorts that allows internet users to easily browse the web by allocating domain names to websites the world over. The NITA has long been expected to give up its oversight role to a global multi-stakeholder community, however, prompting lawmakers to unleashed a proposal this week that would assure the U.S. government maintains control unless Congress votes otherwise. The bill, the Protecting Internet Freedom Act, "would prevent the Obama administration from giving the Internet away to a global organization that will allow over 160 foreign governments to have increased influence over the management and operation of the Internet," according to a statement issued Wednesday by the office of the bill's co-sponsor, Sen. Ted Cruz. Specifically, the bill aims to ensure that the NTIA's relationship with the DNS doesn't terminate, lapse, expire or otherwise end up cancelled unless authorized by Congress, while a separate provision would guarantee that the U.S. government's exclusive control over .gov and .mil domains remains intact. In the UK, the controversial Snooper's Charter -- or the Investigatory Powers Bill as it's officially known -- has been passed through the House of Commons by UK MPs.

mi quotes a report from The Intercept: A provision snuck into the still-secret text of the Senate's annual intelligence authorization would give the FBI the ability to demand individuals' email data and possibly web-surfing history from their service providers using those beloved 'National Security Letters' -- without a warrant and in complete secrecy. [The spy bill passed the Senate Intelligence Committee on Tuesday, with the provision in it. The lone no vote came from Sen. Ron Wyden, D-Ore., who wrote in a statement that one of the bill's provisions "would allow any FBI field office to demand email records without a court order, a major expansion of federal surveillance powers." If passed, the change would expand the reach of the FBI's already highly controversial national security letters. The FBI is currently allowed to get certain types of information with NSLs -- most commonly, information about the name, address, and call data associated with a phone number or details about a bank account. The FBI's power to issue NSLs is actually derived from the Electronic Communications Privacy Act -- a 1986 law that Congress is currently working to update to incorporate more protections for electronic communications -- not fewer. The House unanimously passed the Email Privacy Act in late April, while the Senate is due to vote on its version this week. "NSLs have a sordid history. They've been abused in a number of ways, including targeting of journalists and use to collect an essentially unbounded amount of information," Andrew Crocker, staff attorney for the Electronic Frontier Foundation, wrote. One thing that makes them particularly easy to abuse is that recipients of NSLs are subject to a gag order that forbids them from revealing the letters' existence to anyone, much less the public.]

An anonymous reader writes: Facebook has said once again in an open letter to Sen. John Thune, chairman of the Senate Commerce Committee, that its Trending Topics section is free of any political bias or manipulation. But in response to Gizmodo's report that Facebook employees were suppressing conservative news stories, Facebook is revamping how editors find trending stories. "We could not fully exclude the possibility of isolated improper actions or unintentional bias in the implementation of our guidelines or policies," Facebook general Counsel Colin Stretch wrote. Of course, Facebook is going to train the human editors who work on their trending section; they're also going to abandon several automated tools it used to find and categorize trending news in the past. Recode provides some examples, writing, "[Facebook] will no longer use its "1K list," a group of 1,000 websites it used to help verify headlines." Facebook will also get rid of several top publications, including the New York Times and CNN.

An anonymous reader cites an Ars Technica report: Four U.S. senators say that the Internet speed standard for a government grant program shouldn't be stuck at 4Mbps. The Community Connect program run by the US Department of Agriculture (USDA) funds broadband deployment in rural communities, but it uses a speed standard of just 4Mbps downstream and 1Mbps upstream. Even that speed is an increase over the 3Mbps (download and upload combined) standard the program used until just a few weeks ago. US Senators Angus King (I-Maine), Shelley Moore Capito (R-W.Va.), Jeanne Shaheen (D-N.H.), and Kirsten Gillibrand (D-N.Y.) say that the USDA didn't raise the standard high enough. In a letter last week to USDA Secretary Tom Vilsack, the senators questioned the decision to set the grant program's speed threshold below the 10Mbps/1Mbps standard used by a separate USDA loan program. "Earlier this month, USDA upped broadband speed requirements for the Broadband Access Loan Program to 10Mbps, while Community Connect was only upped to 4Mbps," the senators noted. "In order to maintain the programs' relevance in an age of rapidly increasing demand for bandwidth, we strongly urge you to consider updating their broadband speed definitions, particularly the Community Connect Program's Minimum Broadband Service benchmark."

An anonymous reader writes: The bill released Thursday by Senators Richard Burr and Dianne Feinstein to force U.S. companies to build backdoors into their encryption systems has been further dissected by experts. In less than 24 hours after the Court Orders Act of 2016 draft was released, 43,000 signatures have been added to a petition calling for the bill to be withdrawn. Bruce Schneier, the writer of the books on modern cryptography, said the bill would make most of what the NSA does illegal, unless no such agency is willing to backdoor its own encrypted communications. "This is the most braindead piece of legislation I've ever seen," Schneier told The Register. "The person who wrote this either has no idea how technology works or just doesn't care." Schneier says cryptographic code will be affected by this legislation, as well as "lossy compression algorithms" that are used to reduce the size of images for sending through email, which won't work in reverse and add back the data removed. Files that can't be decrypted on demand to their original state, and files that can't be decompressed back to their exact originals, all look the same to this draft now. He said even deleted data could be covered in this legislation.

An anonymous reader quotes a report from TechCrunch: Senators Richard Burr and Dianne Feinstein released the official version of their anti-encryption bill today after a draft appeared online last week. The bill, titled the Compliance with Court Orders Act 2016, would require tech firms to decrypt customers' data at a court's request. The bill is not expected to get anywhere in the Senate. President Obama has also indicated that he will not support the bill, Reuters reports. The bill requires legislation requires communications services to backdoor their encryption in order to provide "intelligible information or data, or appropriate technical assistance to obtain such information or data." Sen. Feinstein stated, "The bill we have drafted would simply provide that, if a court of law issues an order to render technical assistance or provide decrypted data, the company or individual would be required to do so. Today, terrorists and criminals are increasingly using encryption to foil law enforcement efforts, even in the face of a court order. We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans."

dcblogs writes: An angry letter from Sen. Dick Durbin (D-Ill.) protesting Abbott Labs' IT employee layoff may be having an impact, but not the way the senator wanted. The layoffs are part of plan by Abbott to shift some IT work to India-based Wipro, a major user H-1B visas, and Abbott is proceeding with the cuts despite Durbin's plea "to reconsider this plan and retain these U.S. workers." Abbott put the number of impacted IT employees at "fewer than 150." Durbin's letter has it at 180. But Abbott may be making changes in how the layoffs are conducted. IT employees, who only spoke on the condition of anonymity, said they were initially told they would be training replacements. But Abbott said Friday that the "affected Abbott IT employees are not being asked to train their replacements." The firm's statement appears to confirm the latest employee accounts of what's going on. One worker said the replacement training may be limited to employees who aren't losing their jobs. The training of replacements was a major issue for Durbin. In his letter to the firm, Durbin wrote: "To add insult to injury, the Abbott Labs IT staff who will be laid off will first be forced to train their replacements."

An anonymous reader writes: Early on Friday, the U.S. Senate approved the 2,000 page 'omnibus' budget bill that allocated $1.15 trillion in government funding. Later in the day, President Obama signed it into law. Because the budget bill was so important, many other pieces of unrelated legislation were tacked onto it, including the Cybersecurity Information Sharing Act, a bill notable for giving the government increased internet surveillance powers. Civil rights activists and tech experts largely consider it a "privacy disaster," and several lawmakers voted against the budget bill solely for CISA's inclusion. Senator Ron Wyden (D-OR) said, "Unfortunately, this misguided cyber legislation does little to protect Americans' security, and a great deal more to threaten our privacy than the flawed Senate version. Americans demand real solutions that will protect them from foreign hackers, not knee-jerk responses that allow companies to fork over huge amounts of their customers' private data with only cursory review." Corporations in the U.S. will now have "legal immunity when sharing consumers' private data about hacks and digital breaches." The full omnibus is available online (PDF). The CISA provisions start on page 1,728.

New submitter h33t l4x0r writes: Presidential candidate Marco Rubio recently "fired off a letter (PDF) to the Federal Communications Commission asking the agency to allow states to block municipal broadband services." The municipal services offer cheaper, faster broadband alternatives to the large telecoms. Rubio's campaign has taken large donations from AT&T, and the article notes that other providers, "fearing competition, have used their influence in state government to make an end-run around local municipalities. Through surrogates like the American Legislative Exchange Council, the industry gets states to pass laws that ban municipal broadband networks, despite the obvious benefits to both the municipalities and their residents."

dcblogs writes: U.S. Sen. Ted Cruz (R-Texas), who is seeking the Republican presidential nomination, has morphed from a vocal supporter of the H-1B program to a leading critic of it. He has done so in a new H-1B reform bill (PDF) that sets a minimum wage of $110,000 for H-1B workers. By raising the cost of temporary visa workers, Cruz is hoping to discourage their use. Cruz also wants to eliminate Optional Practical Training Program (OPT). The co-sponsor of this bill, The American Jobs First Act of 2015, is U.S. Sen. Jeff Sessions (R-Ala.), who called the OPT program "a backdoor method for replacing American workers."

chicksdaddy writes: Just a month after an FBI official admitted that his agency sometimes advised companies stricken with ransomware to pay the ransom, two U.S. Senators are requesting information about federal agencies' encounters with ransomware malware, and whether Uncle Sam might have paid ransoms, also. "Have federal state or local governments sought DOJ or FBI’s help to remove ransomware from their computers," the Senators asked in a letter (PDF download) addressed to Attorney General Loretta Lynch. "If so, please describe the nature of any assistance sought, whether agencies have paid ransoms to remove ransomware, and whether DOJ or the FBI was able to decrypt the computer systems."

itwbennett writes: At a Senate Judiciary Committee hearing on Wednesday, lawmakers heard arguments over the Defend Trade Secrets Act of 2015. The proposed legislation would allow companies to pursue trade-secrets cases in federal court much as they can copyright or patent cases, thereby freeing them from the state-level constraints of today's laws. It also allows for so-called ex parte seizure, enabling a company that thinks a secret has been stolen to ask the government to seize a suspected thief's property without notice, to prevent misuse of that secret. It's the ex parte seizure provision, as well as the bill's potential to increase the duration and cost of trade-secrets litigation, that prompted more than 40 law professors to write a joint letter expressing their concern. Companies have long protected algorithms such as consumer credit-scoring mechanisms under trade-secret law, intellectual property expert and Hamline University professor Sharon Sandeen said in an interview after the hearing. If passed, the new bill could give them new powers to conceal those algorithms, she said. Voicing the opposing view, lawyers from Corning and DuPont cited the increasingly digital and global nature of trade-secrets theft, a sentiment that was echoed in a blog post by Jule Sigall, Microsoft's assistant general counsel of IP policy and strategy.

TCPALaw writes: Hate robocalls? In July, the FCC tightened the rules regarding robocalls to cell phones, especially debt collection calls (in particular limiting calls to wrong numbers or to anyone who is not the debtor). Now the debt collection industry is getting their revenge by sneaking in a massive exemption (see section 301 on page 10 to the PDF) to the the FCC's rules that would expressly permit debt collection robocalls to cell phones (and even collect calls!) for student loans, mortgages, taxes, and any other debt owed or guaranteed by the government. Time to make a few phone calls myself to some senators. The Senate switchboard is (202) 224-3121 or go to senate.gov to find the number for your senators. This may come up for a vote in 24 hours or less.

Advocatus Diaboli sends news that the Senate Intelligence Committee has unanimously approved draft legislation that would requires email providers and social media sites to report any suspected terrorist activities to the government. While the legislation itself is classified until it reaches the Senate floor, Committee chairman Richard Burr (R-NC) said, "America’s security depends on our intelligence community’s ability to detect and thwart attacks on the homeland, our personnel and interests overseas, and our allies. This year’s legislation arms the intelligence community with the resources they need, and reinforces congressional oversight of intelligence activities." The legislation is based on 2008's Protect Our Children Act, which required companies to report information about child porn to an agency that would act on it. One industry official told the Washington Post, "Considering the vast majority of people on these sites are not doing anything wrong, this type of monitoring would be considered by many to be an invasion of privacy. It would also be technically difficult."

stowie writes: Senator Dianne Feinstein (D-Calif.) has introduced the Consumer Drone Safety Act that looks to shore up safety features on consumer drones and the federal laws that govern them. This bill has nothing to do with the FAA's proposed rules on small commercial drones, this is all about hobbyist drones. It's looking to regulate the maximum height for flight, the weather and time-of-day conditions for flight, and any areas where flights may be prohibited. If passed, the act would require manufacturers to update existing consumer drones to meet these requirements, potentially through an automatic software update. The bill would require safety features for new consumer drones such as Geo-fencing to govern the altitude and location of flights, collision-avoidance software, and more.

Errorcod3 sends a followup to last week's news that the FBI is operating a fleet of planes across the U.S. for surveillance purposes. A new article in The Atlantic points out that Congress is claiming to have had little or no awareness the fleet was being built, and is asking for answers. Quoting: Senator Charles Grassley, chairman of the Judiciary Committee, demanded to be briefed (PDF) no later than this week on "the scope, nature, and purpose of these operations and what legal authorities, if any, are being relied upon in carrying out these operations." Sixteen House members wrote to the FBI (PDF), pointing out that the president had just signed a reform ending the bulk collection of phone records. "It is highly disturbing," they wrote, "to learn that your agency may be doing just that and more with a secret fleet of aircraft engaged in surveillance missions." They asked for the FBI to identify the legal theory used to justify the flights, the circumstances surrounding them, the technologies on the aircraft, the privacy policy used for data collected, and the civil liberties safeguards that had been put in place. Senator Al Franken has posed ten questions of his own (PDF) to the FBI.

Errorcod3 sends a followup to last week's news that the FBI is operating a fleet of planes across the U.S. for surveillance purposes. A new article in The Atlantic points out that Congress is claiming to have had little or no awareness the fleet was being built, and is asking for answers. Quoting: Senator Charles Grassley, chairman of the Judiciary Committee, demanded to be briefed (PDF) no later than this week on "the scope, nature, and purpose of these operations and what legal authorities, if any, are being relied upon in carrying out these operations." Sixteen House members wrote to the FBI (PDF), pointing out that the president had just signed a reform ending the bulk collection of phone records. "It is highly disturbing," they wrote, "to learn that your agency may be doing just that and more with a secret fleet of aircraft engaged in surveillance missions." They asked for the FBI to identify the legal theory used to justify the flights, the circumstances surrounding them, the technologies on the aircraft, the privacy policy used for data collected, and the civil liberties safeguards that had been put in place. Senator Al Franken has posed ten questions of his own (PDF) to the FBI.

SonicSpike writes: Sens. Rand Paul (R-KY) and Ron Wyden (D-OR), and Rep. Zoe Lofgren (D-CA) introduced bipartisan legislation today to better target serious criminals and curb overzealous prosecutions for non-malicious computer and Internet offenses.

The legislation, inspired by the late Internet innovator and activist Aaron Swartz, who faced up to 35 years in prison for an act of civil disobedience, would reform the quarter-century old Computer Fraud and Abuse Act (CFAA) to better reflect computer and internet activities in the digital age. Numerous and recent instances of heavy-handed prosecutions for non-malicious computer crimes have raised serious questions as to how the law treats violations of terms of service, employer agreements and website notices.

"Aaron’s Law would change the definition of 'access without authorization' in the CFAA so it more directly applies to malicious hacks such as sending fraudulent emails, injecting malware, installing viruses or overwhelming a website with traffic."

schwit1 writes with this snippet from Ars Technica: In the wake of the Thursday arrest of two women accused of attempting to build a bomb, Sen. Dianne Feinstein (D-CA) wrote on her website that the 1971 book on bomb making, which may have aided the terror suspects in some small way, should be "banned from the Internet."

The senator seems to fail to realize that not only has The Anarchist Cookbook been in print for decades (it's sold on Amazon!), but also has openly circulated online for nearly the same period of time. In short, removing it from the Internet would be impossible.

mi contributes this excerpt from National Journal: "Sen. Al Franken is urging the FBI to more quickly and aggressively pursue and respond to reports of revenge porn, marking a rare burst of attention on a controversial topic about which Congress has typically been quiet. In a letter to FBI Director James Comey, the Minnesota Democrat asked for more information about the agency's authority to police against revenge porn, or the act of posting explicit sexual content online without the subject's consent, often for purposes of humiliation and extortion. Its popularity has ballooned in recent years, and victims are disproportionately women." Here's Franken's letter.

Lucas123 writes: A Dallas-based law firm has filed a class-action lawsuit in the U.S. District Court for the Northern District of California claiming Ford, GM and Toyota all ignored basic electronic security measures that leave vehicles open to hackers who can take control of critical functions and endanger the safety of the driver and passengers. The suit, filed on behalf of three vehicle owners and "all others similarly situated" is seeking unspecified damages and an injunction that would force automakers to install proper firewalls or encryption in vehicle computer bus systems, which connect dozens of electronic control units. "Toyota, Ford and GM have deliberately hidden the dangers associated with car computer systems, misleading consumers," attorney Marc Stanley said. The lawsuit cites several studies revealing security flaws in vehicle electronics. A 2013 study by the Defense Advanced Research Projects Agency found researchers could make vehicles "suddenly accelerate, turn, [and] kill the brakes." A study released last month by Sen. Edward Markey (D-Mass.) also claims automakers have fallen far short in their responsibility to secure their vehicles' electronics.

An anonymous reader writes U.S. Navy Adm. Michael S. Rogers — director of the National Security Agency and Commander of United States Cyber Command (USCYBERCOM) — has suggested that cyber-attacks can begin and escalate so quickly that USCYBERCOM would need powers to retaliate immediately, without (as it is currently obliged) referring the matter to the United States Strategic Command. In testimony to the "House Armed Services Committee on cyber operations and improving the military's cybersecurity posture" on March 4th, Adm. Rogers argues for "development of defensive options which do not require full attribution to meet the requirements of law and international agreement."

jfruh writes: Bills were introduced into both the House and Senate yesterday that would amend the Electronic Communications Privacy Act, requiring a warrant to search Americans' email messages stored on third-party servers even if they're more than 180 days old. The current version of the law was passed in 1986, and was written in an environment where most email users downloaded emails to their computer and erased them after reading them.

theodp writes Some of the world's leading Data Scientists are on the payrolls of Microsoft, Google, Facebook, Yahoo, and Apple. So, it'd be interesting to get their take on the infographics the tech giants have passed off as diversity data disclosures. Microsoft, for example, reported its workforce is 29% female, which isn't great, but if one takes the trouble to run the numbers on a linked EEO-1 filing snippet (PDF), some things look even worse. For example, only 23.35% of its reported white U.S. employee workforce is female (Microsoft, like Google, footnotes that "Gender data are global, ethnicity data are US only"). And while Google and Facebook blame their companies' lack of diversity on the demographics of U.S. computer science grads, CS grad and nationality breakouts were not provided as part of their diversity disclosures. Also, the EEOC notes that EEO-1 numbers reflect "any individual on the payroll of an employer who is an employee for purposes of the employers withholding of Social Security taxes," further muddying the disclosures of companies relying on imported talent, like H-1B visa dependent Facebook. So, were the diversity disclosure mea culpas less about providing meaningful data for analysis, and more about deflecting criticism and convincing lawmakers there's a need for education and immigration legislation (aka Microsoft's National Talent Strategy) that's in tech's interest?

chicksdaddy writes: It's always interesting to listen to what politicians say on their way out of office — after the pressure to get re-elected and say "on message" has been lifted. Eisenhower's historic farewell address in 1961 warned Americans about the influence of the Military-Industrial Complex. Twenty years later, Jimmy Carter warned of the distorting influence of "single-issue groups and special interest organizations" on the political process. And, this week, outgoing Sen. Tom Coburn (R-OK) used his final days in office to issue a blistering report on the Department of Homeland Security. Coburn argued that DHS was failing on each of its five, critical missions, among them: cyber security.

The report, "A Review of the Department of Homeland Security's Missions and Performance (PDF)," was released on Saturday. In it, the outgoing Senator said that DHS's strategy and programs "are unlikely to protect us from the adversaries that pose the greatest cybersecurity threat."

Despite spending $700 million annually on a range of cybersecurity programs, Coburn said it is hard to know whether the Department's efforts to assist the private sector in identifying, mitigating or remediating cyber incidents provide "significant value" or are worth the expense. DHS programs are still heavily weighted towards software vulnerability mitigation, Coburn says, an activity that "will not protect the nation from the most sophisticated attacks and cybersecurity threats."

schwit1 writes The Federal Bureau of Investigation is taking the position that court warrants are not required when deploying cell-site simulators in public places. Nicknamed "stingrays," the devices are decoy cell towers that capture locations and identities of mobile phone users and can intercept calls and texts. The FBI made its position known during private briefings with staff members of Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) and Sen. Chuck Grassley (R-Iowa). In response, the two lawmakers wrote Attorney General Eric Holder and Homeland Security chief Jeh Johnson, maintaining they were "concerned about whether the FBI and other law enforcement agencies have adequately considered the privacy interests" of Americans. According to the letter, which was released last week: "For example, we understand that the FBI's new policy requires FBI agents to obtain a search warrant whenever a cell-site simulator is used as part of a FBI investigation or operation, unless one of several exceptions apply, including (among others): (1) cases that pose an imminent danger to public safety, (2) cases that involve a fugitive, or (3) cases in which the technology is used in public places or other locations at which the FBI deems there is no reasonable expectation of privacy."

mpicpp sends this report from CNN: Uber has rolled back employee access to its "God view" mode, which allows the company to track riders' locations and other data. The ride service company was faced with questions about its privacy policies from U.S. Senator Al Franken, following a series of recent privacy debacles. Uber's updated policy is detailed in its response to the senator's questions. Franken sent Uber a letter (PDF, Uber's response) in November after news reports made two things clear: The ride service company collects lots of data on customers — and some executives don't exercise that power responsibly. In one case, an Uber employee using "God View" easily tracked a reporter's movements on her way to a meeting.

mpicpp sends this report from CNN: Uber has rolled back employee access to its "God view" mode, which allows the company to track riders' locations and other data. The ride service company was faced with questions about its privacy policies from U.S. Senator Al Franken, following a series of recent privacy debacles. Uber's updated policy is detailed in its response to the senator's questions. Franken sent Uber a letter (PDF, Uber's response) in November after news reports made two things clear: The ride service company collects lots of data on customers — and some executives don't exercise that power responsibly. In one case, an Uber employee using "God View" easily tracked a reporter's movements on her way to a meeting.

mrspoonsi sends this news from the BBC: The CIA carried out "brutal" interrogations of terror suspects in the years after the 9/11 attacks on the U.S., a U.S. Senate report has said. The summary of the Senate Intelligence Committee report said the CIA misled Americans on the effectiveness of "enhanced interrogation." The interrogation was poorly managed and unreliable, the report said. President Obama has previously said that in his view the techniques amounted to torture. The Senate committee's report runs to more than 6,000 pages, drawing on huge quantities of evidence, but it remains classified and only a 480-page summary (PDF) is being released. Publication had been delayed amid disagreements in Washington over what should be made public. CIA Director John Brennan has posted a response.

An anonymous reader sends this report from The Verge: Senator Ron Wyden (D-OR) is trying to proactively block FBI head James Comey's request for new rules that make tapping into devices easier. The Secure Data Act would ban agencies from making manufacturers alter their products to allow easier surveillance or search, something Comey has said is necessary as encryption becomes more common and more sophisticated. "Strong encryption and sound computer security is the best way to keep Americans' data safe from hackers and foreign threats," said Wyden in a statement. "It is the best way to protect our constitutional rights at a time when a person's whole life can often be found on his or her smartphone."

An anonymous reader writes On Thursday, a bipartisan law was introduced in the Senate that would limit US law enforcement's ability to obtain user data from US companies with servers physically located abroad. Law enforcement would still be able to gain access to those servers with a US warrant, but the warrant would be limited to data belonging to US citizens. This bill, called the LEADS Act (PDF), addresses concerns by the likes of Microsoft and other tech giants that worry about the impact law enforcement over-reach will have on their global businesses. Critics remain skeptical: "we are concerned about how the provision authorizing long-arm warrants for the accounts of US persons would be administered, and whether we could reasonably expect reciprocity from other nations on such an approach."

itwbennett writes The Senate Armed Service Committee released on Wednesday an unclassified version of a report (PDF) commissioned last year to investigate cyberattacks against contractors for the U.S. Transportation Command (TRANSCOM). The report alleges that the Chinese military successfully stole emails, documents, login credentials and more from contractors, but few of those incidents were ever reported to TRANSCOM. During a one-year period starting in June 2012, TRANSCOM contractors endured more than 50 intrusions, 20 of which were successful in planting malware. TRANSCOM learned of only two of the incidents. The FBI, however, was aware of 10 of the attacks.

An anonymous reader writes: Today Senator Patrick Leahy (D-VT) introduced a bill that would ban bulk collection of telephone records and internet data for U.S. citizens. This is a stronger version of the legislation that passed the U.S. House in May, and it has support from the executive branch as well. "The bill, called the USA Freedom Act, would prohibit the government from collecting all information from a particular service provider or a broad geographic area, such as a city or area code, according to a release from Leahy's office. It would expand government and company reporting to the public and reform the Foreign Intelligence Surveillance Court, which reviews NSA intelligence activities. Both House and Senate measures would keep information out of NSA computers, but the Senate bill would impose stricter limits on how much data the spy agency could seek."

Jason Koebler (3528235) writes "The cybersecurity bill making its way through the Senate right now is so broad that it could allow ISPs to classify Netflix as a "cyber threat," which would allow them to throttle the streaming service's delivery to customers. "A 'threat,' according to the bill, is anything that makes information unavailable or less available. So, high-bandwidth uses of some types of information make other types of information that go along the same pipe less available," Greg Nojeim, a lawyer with the Center for Democracy and Technology, said. "A company could, as a cybersecurity countermeasure, slow down Netflix in order to make other data going across its pipes more available to users.""

chicksdaddy (814965) writes 'As the U.S. Senate considers draft legislation governing the commercial use of location data, The Federal Trade Commission (FTC) is asking Congress to make it — not the Department of Justice — the chief rule maker and enforcer of policies for the collection and sharing of geolocation information, the Security Ledger reports.

Jessica Rich, Director of the FTC Bureau of Consumer Protection, told the Senate Judiciary Committee's Subcommittee for Privacy, Technology that the Commission would like to see changes to the wording of the Location Privacy Protection Act of 2014 (LPPA) . The LPPA is draft legislation introduced by Sen. Al Franken that carves out new consumer protections for location data sent and received by mobile phones, tablets and other portable computing devices. Rich said that the FTC, as the U.S. Government's leading privacy enforcement agency, should be given rule making and enforcement authority for the civil provisions of the LPPA. The current draft of the law instead gives that authority to the Department of Justice.

The LPPA updates the Electronic Communications Privacy Act to take into account the widespread and availability and commercial use of geolocation information provided. LPPA requires that companies get individuals' permission before collecting location data off of smartphones, tablets, or in-car navigation devices, and before sharing it with others.

It would prevent what Franken refers to as "GPS stalking," preventing companies from collecting location data in secret. LPPA also requires companies to reveal the kinds of data they collect and how they share and use it, bans the development, operation, and sale of GPS stalking apps and requires the federal government to collect data on GPS stalking and facilitate reporting of GPS stalking by the public.'

Hugh Pickens DOT Com (2995471) writes "Carolyn Lochhead reports in the SF Chronicle that the White House has announced a plan allowing spouses of H-1B visa holders to work in the United States, a coup for Silicon Valley companies that have been calling for more lenient rules for immigrants who come to the United States to work in technology. 'The proposals announced today will encourage highly skilled, specially trained individuals to remain in the United States and continue to support U.S. businesses and the growth of the U.S. economy,' says Deputy Secretary of Homeland Security Alejandro Mayorkas. 'A concurrent goal is for the United States to maintain competitiveness with other countries that attract skilled foreign workers and offer employment authorization for spouses of skilled workers. American businesses continue to need skilled nonimmigrant and immigrant workers.'

Currently, spouses of H-1B visa holders are not allowed to work unless they obtain their own visa but tech companies have been calling for more H-1B visas, and supporters of the rule change argue that it will bring in more talented workers. Critics say they believe expanding the H-1B visa program will allow lower-paid foreign workers to take American jobs. The plan immediately drew fire from Republicans. Sen. Jeff Sessions of Alabama, who sits on the Judiciary Committee, accused the administration of acting unilaterally to change immigration law and bring in tens of thousands of potential competitors with Americans for jobs. 'Fifty million working-age Americans aren't working,' Sessions said in a statement, adding that as many as 'half of new technology jobs may be going to guest workers. This will help corporations by further flooding a slack labor market, pulling down wages.'"

theodp (442580) writes "Billionaire-backed Code.org, enthusiastically tweets U.S. Dept. of Education Chief Arne Duncan, is 'providing tremendous leadership in bringing coding & computer science to our nation's schools.' Including bringing kids in Broward County Public Schools the best computer science teachers $15.00-an-hour can buy, according to a document on the school district's website. One wonders how the Broward teachers feel about Code.org apparently coughing up $38.33-an-hour for Chicago teachers who attend the required Code.org professional development, which ironically covers equity issues. Duncan's shout-out comes days after Code.org claimed in its Senate testimony that 'our students have voted with their actions [participating in an hour-long, Angry Birds-themed Blockly tutorial starring Mark Zuckerberg and Bill Gates]: that learning computer science is this generation's Sputnik moment, that it's part of the new American Dream, and that it should be available to every student, in every school, as part of the standard curriculum.'"

New submitter dislikes_corruption writes: "Stopping the recently announced plan by the FCC to end net neutrality is going to require a significant outcry by the public at large, a public that isn't particularly well versed on the issue or why they should care. Ryan Singel, a former editor at Wired, has written a thorough and easy to understand primer on the FCC's plan, the history behind it, and how it will impact the Internet should it come to pass. It's suitable for your neophyte parent, spouse, or sibling. In the meantime, the FCC has opened a new inbox (openinternet@fcc.gov) for public comments on the decision, there's a petition to sign at whitehouse.gov, and you can (and should) contact your congressmen."

An anonymous reader writes "The FBI insists that it uses drone technology to conduct surveillance in 'very limited circumstances.' What those particular circumstances are remain a mystery, particularly since the Bureau refuses to identify instances where agents deployed unmanned aerial vehicles, even as far back as 2006. In a letter to Senator Ron Paul last July, the FBI indicated that it had used drones a total of ten times since late 2006—eight criminal cases and two national security cases—and had authorized drone deployments in three additional cases, but did not actually fly them. The sole specific case where the FBI is willing to confirm using a drone was in February 2013, as surveillance support for a child kidnapping case in Alabama. New documents obtained by MuckRock as part of the Drone Census flesh out the timeline of FBI drone deployments in detail that was previously unavailable. While heavily redacted—censors deemed even basic facts that were already public about the Alabama case to be too sensitive for release, apparently—these flight orders, after action reviews and mission reports contain new details of FBI drone flights."

An anonymous reader writes "Sen. Joe Manchin of West Virginia, a member of the Senate Banking Committee, has called for for heavily regulation of Bitcoin. Reached for comment, his staff confirmed Manchin is seeking a 'ban' that would apply to any cryptocurrency that's both anonymous and unregulated."

greatgreygreengreasy writes "In 2005, then-governor of North Dakota John Hoeven signed into law a bill 'ensuring drivers' ownership of their EDR (Electronic Data Recorder) data.' Now a U.S. senator, Hoeven (R-ND) has teamed up with Amy Klobuchar, D-MN, to introduce similar legislation at the Federal level. 'Under this legislation, EDR data could only be retrieved [for specific reasons].' The EFF has expressed concern in the past over the so-called black boxes and their privacy implications. This legislation, however, would not address the recent revelations by a Ford executive on their access to data, since in those cases, 'The vehicle owner or lessee consents to the data retrieval.' The bill has gained the support of about 20 senators so far."

sciencehabit writes "The ghost of former President George W. Bush permeates the 2014 budget that Congress released this week. His presence is good news for physical scientists, but less cheery for biomedical researchers, as Congress reserved some of the biggest spending increases for NASA and the Department of Energy. The National Institutes of Health, meanwhile, got a $1 billion increase that is drawing mixed reviews from research advocates."

cold fjord writes with this excerpt from Fox News: "A U.S. senator on Friday pressed the National Security Agency on whether its controversial spying practices extend to monitoring members of Congress. 'Has the NSA spied, or is the NSA currently spying, on members of Congress or other American elected officials?' Sen. Bernie Sanders, I-Vt., asked in a letter to NSA Director Gen. Keith Alexander released from the senator's office. Sanders, a self-described 'democratic socialist,' defines spying as monitoring the phone calls, emails and internet traffic of elected officials."

chicksdaddy writes "Cyber attacks on 'connected vehicles' are still in the proof of concept stage. But those proofs of concept are close enough to the real thing to prompt an inquiry from U.S. Senator Ed Markey, who sent a letter to 20 major auto manufacturers (PDF) asking for information about consumer privacy protections and safeguards against cyber attacks in their vehicles. Markey's letter, dated December 2, cites recent reports of 'commands...sent through a car's computer system that could cause it to suddenly accelerate, turn or kill the breaks,' and references research conducted by Charlie Miller and Chris Valasek (PDF) on the Toyota Prius and Ford Escape. 'Today's cars and light trucks contain more than 50 separate electronic control units (ECUs), connected through a controller area network (CAN) ... Vehicle functionality, safety and privacy all depend on the functions of these small computers, as well as their ability to communicate with one another,' Markey wrote. Among the questions Markey wants answers to: What percentage of cars sold in model years 2013 and 2014 do not have any wireless entry points? What are automakers' methods for testing for vulnerabilities in technologies it deploys — including third pressure technologies? Markey asks specifically about tire pressure monitors, bluetooth and other wireless technologies and GPS (like Onstar). What third party penetration testing is conducted on vehicles (and any results)? What intrusion detection features exist for critical components like controller area network (CAN) buses on connected vehicles?"

theodp writes "The same cast of billionaire characters — Mark Zuckerberg, Bill Gates, Steve Ballmer, Eric Schmidt — is backing FWD.us, which is lobbying Congress for more visas to 'meet our workforce needs,' as well as Code.org, which aims to popularize Computer Science education in the U.S. to address a projected CS job shortfall. In laying out the two-pronged strategy for the Senate, Microsoft General Counsel and Code.org Board member Brad Smith argued that providing more kids with a STEM education — particularly CS — was 'an issue of critical importance to our country.' But with its K-8 learn-to-code program which calls for teachers to receive 25% less money if fewer than 40% of their CS students are girls, Smith's Code.org is sending the message that training too many boys isn't an acceptable solution to the nation's CS crisis. 'When 10 or more students complete the course,' explains Code.org, "you will receive a $750 DonorsChoose.org gift code. If 40% or more of your participating students are female, you'll receive an additional $250, for a total gift of $1,000 in DonorsChoose.org funding!" The $1+ million Code.org-DonorsChoose CS education partnership appears to draw inspiration from a $5 million Google-DoonorsChoose STEM education partnership which includes nebulous conditions that disqualify schools from AP STEM funding if projected participation by female students in AP STEM programs is deemed insufficient. So, are Zuckerberg, Gates, Ballmer, and Schmidt walking-the-gender-diversity-talk at their own companies? Not according to the NY Times, which just reported that women still account for only about 25% of all employees at Code.org supporters Apple, Google, Facebook, and Microsoft. By the way, while not mentioning these specific programs, CNET reports that Slashdot owner Dice supports the STEM efforts of Code.org and Donors Choose."

Daniel_Stuckey writes "Congress held its first-ever hearing on virtual currencies this afternoon, and it may have been the best PR boost bitcoin's had yet. The tone at the hearing held before the Senate Homeland Security and Government Affairs Committee was overwhelmingly positive as the panel weighed the risks of the technology that grew out of the criminal underbelly of the web, with the potential economic value of the now-booming futurist money. The prevailing sentiment over the two-hour deep dive into the pros and cons of the digital coins boils down to this: We need to uphold America's position as center of technical innovation by welcoming the new currency—but that that can't be done without government safeguards and regulations." SonicSpike wrote in with a link to another report in Bloomberg. The Federal Reserve has no plans to regulate Bitcoin (lacking regulatory authority), but the SEC chair wrote "Regardless of whether an underlying virtual currency is itself a security, interests issued by entities owning virtual currencies or providing returns based on assets such as virtual currencies likely would be securities and therefore subject to our regulation."

theodp writes " The lack of education in computer science is an example of an area of particularly acute concern,' Microsoft General Counsel Brad Smith told Congress (PDF) as he sold lawmakers on the need to improve 'America's access to high skilled foreign talent'. Smith added that Microsoft also wants to 'help American students and workers gain the skills needed for the jobs that will fuel the innovation economy.' Towards that end, Microsoft will award $100,000 worth of donations to five technology education nonprofits 'who teach programming and provide technical resources to those who might not otherwise get the chance.' So, how will Microsoft determine who's most worthy? With a popularity contest, of course! At the end of October, the top five vote-getting nonprofits — only Windows AzureDev Community members are eligible to vote — will split the Microsoft Money. By the way, currently in second place but trying harder is Code.org, the seemingly dual-missioned organization advised by Microsoft's Smith which has reached out to its 140,000 Facebook fans, and 17,000 Twitter followers in its quest for the $50,000 first prize."

mspohr writes with news that Apple might be in a bit of hot water over its policy of offshoring revenues to favorable tax jurisdictions. Only they take it a step further, from the article: "Apple relied on a 'complex web of offshore entities' and U.S. tax loopholes to avoid paying billions of dollars in U.S. taxes on $44 billion in offshore income over the past four years ... The maker of iPhones and iPads used at least three foreign subsidiaries that it claims are not 'tax resident in any nation' to help it avoid paying billions in 'otherwise taxable offshore income,' the Senate Permanent Subcommittee on Investigations said in a statement yesterday."

An anonymous reader writes "The U.S. House of Representatives has voted to make the Pentagon disclose whether military drones are being used in U.S. airspace to spy on U.S. citizens. This follows Rand Paul's filibuster on the floor of the Senate in which he demanded answers from the Obama administration as to whether drone strikes on U.S. soil were a possibility. (Senator Paul received an amusingly brief response (PDF) to his 13-hour question.) From the article: 'A requirement buried in a lengthy appropriations bill calls on newly confirmed Defense Secretary Chuck Hagel to disclose to Congress what "policies and procedures" are in place "governing the use" of military drones or other unmanned aerial vehicles (UAVs) domestically. The report is due no later than 90 days after the bill is signed into law. The vote on the bill, which was overwhelmingly supported by Republicans and opposed by Democrats, comes as concerns about domestic use of drones have spiked. ...The House's language stops short of requiring Hagel to disclose whether he or his predecessor have taken the step of approving the targeting of any U.S. citizens for surveillance.'"