https://yro.slashdot.org/ News for nerds, stuff that matters en-us Copyright 1997-2016, SlashdotMedia. All Rights Reserved. 2022-07-15T02:38:13+00:00 Dice help@slashdot.org Technology 1970-01-01T00:00+00:00 1 hourly https://a.fsdn.com/sd/topics/topicslashdot.gif https://yro.slashdot.org/ https://yro.slashdot.org/story/22/07/14/1836224/omegle-can-be-sued-for-matching-child-with-sexual-predator-says-court?utm_source=rss1.0mainlinkanon&utm_medium=feed Chat service Omegle is on the hook for a lawsuit after its matching system paired an 11-year-old girl with a man who then sexually abused her. A district judge in Portland, Oregon, said the company's system wasn't protected by the legal shield that covers much user-generated content. From a report: The case isn't concluded, but it opens the door to more prosecutions based on how a platform designs its services. The legal complaint, filed late last year, alleges that Omegle's service was defective and falsely represented. It's a common strategy that's often failed in court before, including with Grindr in a harassment case, typically due to the legal protections of Section 230 of the Communications Decency Act. This time, however, Judge Michael Mosman determined that the lawsuit targeted functions specifically designed by Omegle rather than speech by other users on the platform.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Omegle+Can+Be+Sued+for+Matching+Child+With+Sexual+Predator%2C+Says+Court%3A+https%3A%2F%2Fbit.ly%2F3uOqzO5"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F14%2F1836224%2Fomegle-can-be-sued-for-matching-child-with-sexual-predator-says-court%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/14/1836224/omegle-can-be-sued-for-matching-child-with-sexual-predator-says-court?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> msmash 2022-07-14T20:41:00+00:00 privacy closer-look yro 19 19,18,16,13,4,3,1 https://yro.slashdot.org/story/22/07/14/165244/india-proposes-right-to-repair-framework-for-mobile-phones-consumer-durables?utm_source=rss1.0mainlinkanon&utm_medium=feed India has proposed to introduce a right to repair law, aiming to provide consumers the ability to have their devices repaired by third parties to fight the growing "culture of planned obsolescence" in a move that follows similar deliberations in the U.S. and the UK. From a report: The Indian Department of Consumer Affairs said Wednesday that it had set up a committee to develop a right to repair framework. The committee identified mobile phones, tablets, consumer durables, automobiles and farming as important sectors for the framework, the ministry said. "The pertinent issues highlighted during the meeting include companies avoiding the publication of manuals that can help users make repairs easily," the ministry said in a statement.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=India+Proposes+Right+To+Repair+Framework+for+Mobile+Phones%2C+Consumer+Durables%3A+https%3A%2F%2Fbit.ly%2F3z4CoSA"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F14%2F165244%2Findia-proposes-right-to-repair-framework-for-mobile-phones-consumer-durables%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/14/165244/india-proposes-right-to-repair-framework-for-mobile-phones-consumer-durables?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> msmash 2022-07-14T18:01:00+00:00 yro shape-of-things-to-come yro 4 4,4,4,3,2,1,1 https://news.slashdot.org/story/22/07/14/153231/ex-cia-engineer-convicted-in-biggest-theft-ever-of-agency-secrets?utm_source=rss1.0mainlinkanon&utm_medium=feed A former Central Intelligence Agency software engineer was convicted by a federal jury on Wednesday of causing the largest theft of classified information in the agency's history. From a report: The former C.I.A. employee, Joshua Schulte, was arrested after the 2017 disclosure by WikiLeaks of a trove of confidential documents detailing the agency's secret methods for penetrating the computer networks of foreign governments and terrorists. The verdict came two years after a previous jury failed to agree on eight of the 10 charges he faced then. At the earlier trial, Mr. Schulte, 33, was found guilty of contempt of court and of making false statements to the F.B.I. He was convicted on Wednesday on nine counts, which included illegally gathering national defense information and illegally transmitting that information. Damian Williams, the United States attorney in Manhattan, where the trial was held, hailed the verdict. Mr. Schulte has been convicted of "one of the most brazen and damaging acts of espionage in American history," Mr. Williams said in a statement.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Ex-CIA+Engineer+Convicted+in+Biggest+Theft+Ever+of+Agency+Secrets%3A+https%3A%2F%2Fbit.ly%2F3Pupbrs"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F22%2F07%2F14%2F153231%2Fex-cia-engineer-convicted-in-biggest-theft-ever-of-agency-secrets%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://news.slashdot.org/story/22/07/14/153231/ex-cia-engineer-convicted-in-biggest-theft-ever-of-agency-secrets?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> msmash 2022-07-14T15:21:00+00:00 usa time-to-face-music news 44 44,43,38,31,12,9,4 https://news.slashdot.org/story/22/07/14/0034248/a-copyright-lawsuit-threatens-to-kill-free-access-to-internet-archives-library-of-books?utm_source=rss1.0mainlinkanon&utm_medium=feed An anonymous reader quotes a report from Popular Science: Internet Archive, a non-profit digital library and a massive repository of online artifacts, has been collecting mementos of the ever-expanding World Wide Web for over two decades, allowing users to revisit sites that have since been changed or deleted. But like the web, it too has evolved since its genesis, and in the aughts, it also began to offer a selection of ebooks that any internet user can check out with the creation of a free account. That latter feature has gotten the organization in some trouble. Internet Archive was sued by a suite of four corporate publishers in 2020 over copyright controversies -- with one side saying that what Internet Archive does is preservation, and the other saying that it's piracy, since it freely distributes books as image files without compensating the author. Last week, the ongoing case entered a new chapter as the nonprofit organization filed a motion for summary judgment, asking a federal judge to put a stop to the lawsuit, arguing that their Controlled Digital Lending program "is a lawful fair use that preserves traditional library lending in the digital world" since "each book loaned via CDL has already been bought and paid for." On Friday, Creative Commons issued a statement supporting Internet Archive's motion. In 2006, Internet Archive started a program for digitizing books both under copyright and in the public domain. It works with a range of global partners, including other libraries, to scan materials onto its site (Cornell University made a handy guide on what works fall under copyright vs. the public domain). For copyrighted books, Internet Archive owns the physical books that they created the digital copies from and limits their circulation by allowing only one person to borrow a title at a time. Book publishers, namely Hachette Book Group, HarperCollins, John Wiley Sons, and Penguin Random House, were not keen on this practice, and they have been seeking financial damages for the 127 books (PDF) shared under copyright. Vox estimated that if the publishers win, Internet Archive would have to pay $19 million, which is about "one year of operating revenue." In the most recent filings, the publishers accused Internet Archive of amassing "a collection of more than three million unauthorized in-copyright ebooks -- including more than 33,000 of the Publishers' commercially available titles -- without obtaining licenses to do so or paying the rightsholders a cent for exploiting their works. Anybody in the world with an internet connection can instantaneously access these stolen works via IA's interrelated archive.org and openlibrary.org websites." In its defense, Internet Archive, which is being represented by the Electronic Frontier Foundation, says that "libraries have been practicing CDL in one form or another for more than a decade," and that Internet Archive lends its digitized books on an "owned-to-loaned basis, backstopped by strong technical protections to enforce lending limits."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=A+Copyright+Lawsuit+Threatens+To+Kill+Free+Access+To+Internet+Archive's+Library+of+Books%3A+https%3A%2F%2Fbit.ly%2F3O81PqP"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F22%2F07%2F14%2F0034248%2Fa-copyright-lawsuit-threatens-to-kill-free-access-to-internet-archives-library-of-books%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://news.slashdot.org/story/22/07/14/0034248/a-copyright-lawsuit-threatens-to-kill-free-access-to-internet-archives-library-of-books?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2022-07-14T13:00:00+00:00 books rights-of-online-libraries news 40 40,36,34,30,15,8,7 https://yro.slashdot.org/story/22/07/13/2215232/google-files-a-lawsuit-that-could-kick-tinder-out-of-the-play-store?utm_source=rss1.0mainlinkanon&utm_medium=feed Google has counter-sued Match seeking monetary damages and a judgement that would let it kick Tinder and the group's other dating apps out of the Play Store, Bloomberg has reported. Engadget reports: Earlier this year, Match sued Google alleging antitrust violations over a decision requiring all Android developers to process "digital goods and services" payments through the Play Store billing system. Following the initial lawsuit in May, Google and Match reached a temporary agreement allowing Match to remain on the Play Store and use its own payments system. Google also agreed to make a "good faith" effort to address Match's billing concerns. Match, in turn, was to make an effort to offer Google's billing system as an alternative. However, Google parent Alphabet claims that Match Group now wants to avoid paying "nothing at all" to Google, including its 15 to 30 percent Play Store fees, according to a court filing. "Match Group never intended to comply with the contractual terms to which it agreed... it would also place Match Group in an advantaged position relative to other app developers," the document states. Match group said that Google's Play Store policies violate federal and state laws. "Google doesn't want anyone else to sue them so their counterclaims are designed as a warning shot," Match told Bloomberg in a statement. "We are confident that our suit, alongside other developers, the US Department of Justice and 37 state attorneys general making similar claims, will be resolved in our favor early next year."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Google+Files+a+Lawsuit+That+Could+Kick+Tinder+Out+of+the+Play+Store%3A+https%3A%2F%2Fbit.ly%2F3ID6csL"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F13%2F2215232%2Fgoogle-files-a-lawsuit-that-could-kick-tinder-out-of-the-play-store%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/13/2215232/google-files-a-lawsuit-that-could-kick-tinder-out-of-the-play-store?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2022-07-14T00:45:00+00:00 google good-riddance yro 59 59,57,54,48,15,4,1 https://yro.slashdot.org/story/22/07/13/1659228/amazon-admits-giving-ring-camera-footage-to-police-without-a-warrant-or-consent?utm_source=rss1.0mainlinkanon&utm_medium=feed An anonymous reader shares a report: Ring, Amazon's perennially controversial and police-friendly surveillance subsidiary, has long defended its cozy relationship with law enforcement by pointing out that cops can only get access to a camera owner's recordings with their express permission or a court order. But in response to recent questions from Sen. Ed Markey, D-Mass., the company stated that it has provided police with user footage 11 times this year alone without either. Last month, Markey wrote to Amazon asking it to both clarify Ring's ever-expanding relationship with American police, who've increasingly come to rely on the company's growing residential surveillance dragnet, and to commit to a raft of policy reforms. In a July 1 response from Brian Huseman, Amazon vice president of public policy, the company declined to permanently agree to any of them, including "Never accept financial contributions from policing agencies," "Never allow immigration enforcement agencies to request Ring recordings," and "Never participate in police sting operations." Although Ring publicizes its policy of handing over camera footage only if the owner agrees -- or if judge signs a search warrant -- the company says it also reserves the right to supply police with footage in "emergencies," defined broadly as "cases involving imminent danger of death or serious physical injury to any person." Markey had also asked Amazon to clarify what exactly constitutes such an "emergency situation," and how many times audiovisual surveillance data has been provided under such circumstances.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Amazon+Admits+Giving+Ring+Camera+Footage+To+Police+Without+a+Warrant+or+Consent%3A+https%3A%2F%2Fbit.ly%2F3OiZ4TL"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F13%2F1659228%2Famazon-admits-giving-ring-camera-footage-to-police-without-a-warrant-or-consent%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/13/1659228/amazon-admits-giving-ring-camera-footage-to-police-without-a-warrant-or-consent?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> msmash 2022-07-13T17:25:00+00:00 privacy how-about-that yro 68 68,63,60,52,18,15,11 https://tech.slashdot.org/story/22/07/12/2040218/tiktok-hits-pause-on-its-most-controversial-privacy-update-yet?utm_source=rss1.0mainlinkanon&utm_medium=feed Early last month, TikTok users across Europe were told that, starting July 13th, the platform would begin using their on-app data to serve up targeted ads, even if those users didn't consent to the practice. Now, less than a day before that change would have rolled out European Union-wide, it looks like the company's reconsidering things a bit. Gizmodo reports: A company spokesperson told TechCrunch on Tuesday that TikTok is "pausing" the update while it "engage[s] on the questions from stakeholders," about the way it handles personalized ads. And needless to say, there are quite a lot of questions about that right now -- from data protection authorities in the EU, from lawmakers in the US, and from privacy experts pretty much everywhere. For context: until this point, European users that opened the TikTok app needed to offer express consent to let the company use their data for targeted ads. This update planned to do away with the need for that pesky consent by on a legal basis known as "legitimate interest" to target those ads instead. In a nutshell, the "legitimate interest" clause would let TikTok process people's data, consent-free, if it was for a purpose that TikTok deemed reasonable. This means the company could say, for example, that because targeted ads bring in more money than their un-targeted equivalent, it would be reasonable to serve all users -- consenting or otherwise -- targeted ads. Reasonable, right?<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=TikTok+Hits+Pause+On+Its+Most+Controversial+Privacy+Update+Yet%3A+https%3A%2F%2Fbit.ly%2F3P2rqT7"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F22%2F07%2F12%2F2040218%2Ftiktok-hits-pause-on-its-most-controversial-privacy-update-yet%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://tech.slashdot.org/story/22/07/12/2040218/tiktok-hits-pause-on-its-most-controversial-privacy-update-yet?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2022-07-13T00:45:00+00:00 social pumping-the-brakes technology 9 9,8,7,6,3,0,0 https://yro.slashdot.org/story/22/07/12/202211/tech-ceo-arrested-in-1992-mountain-view-cold-case-slaying-after-dna-breakthrough?utm_source=rss1.0mainlinkanon&utm_medium=feed An anonymous reader quotes a report from The Daily Beast: On Sept. 5, 1992, computer engineer Laurie Houts, 25, was found fatally strangled in her car near a California garbage dump. Her boyfriend's roommate was arrested in connection with the case, but two trials -- and two hung juries -- later, a judge dismissed the case. The roommate moved to the Netherlands soon afterward. Over the weekend, the roommate -- now the chief executive of a small software company -- was arrested as he landed at John F. Kennedy International Airport in New York City, according to the Santa Clara County Office of the District Attorney. John Woodward, the 58-year-old CEO and president of ReadyTech, is expected to be extradited to Santa Clara County by the end of the month, District Attorney Jeff Rosen said Monday. Once there, Woodward will be arraigned for the third time in Houts' murder by strangulation. Houts' body was discovered by a passerby less than a mile from her office at Adobe Systems in Mountain View more than 30 years ago, according to the San Francisco Chronicle. A rope was around her neck, and there were footprints on the inside of her windshield, which were called "a sign of her struggle with Woodward" by the district attorney's office. Forensic science at the time was able to match Woodward to fingerprints found outside the car, but investigators could not prove that he had been inside the vehicle. Still, when Houts' boyfriend made a call, monitored by police, to Woodward soon after the 25-year-old's death, he "did not deny" killing Houts. Instead, according to a police summary of the matter, Woodward asked what evidence the authorities had against him and suggested to the roommate that they "meet in a parking lot" to talk more. Woodward, who had no alibi for the night Houts was killed, was arrested that same year. Prosecutors alleged that Woodward had developed an "unrequited" romantic interest in Houts' boyfriend. The theory was criticized as homophobic at Woodward's first trial by his defense lawyer in 1995, the The Mercury News reported Monday, and the jury deadlocked on his innocence, voting 8-4 for acquittal. A year later, despite a judge barring the romantic-rival argument, the jury hearing Woodward's second trial again hung itself, this time ruling 7-5. The judge soon dismissed the case for insufficient evidence. But advances in DNA technology allowed detectives to link Woodward to the rope around Houts' neck for the first time last year, Rosen's statement said. Investigators in both the Santa Clara County Crime Lab and Mountain View Police Department matched both Woodward's genetic material and fibers on his sweatpants to "the murder weapon," police said.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Tech+CEO+Arrested+In+1992+Mountain+View+Cold+Case+Slaying+After+DNA+Breakthrough%3A+https%3A%2F%2Fbit.ly%2F3yWzIq5"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F12%2F202211%2Ftech-ceo-arrested-in-1992-mountain-view-cold-case-slaying-after-dna-breakthrough%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/12/202211/tech-ceo-arrested-in-1992-mountain-view-cold-case-slaying-after-dna-breakthrough?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2022-07-12T21:20:00+00:00 crime case-closed yro 70 70,66,57,50,13,6,5 https://yro.slashdot.org/story/22/07/12/185235/ftc-warns-tech-companies-against-misusing-health-data?utm_source=rss1.0mainlinkanon&utm_medium=feed Tech companies and data brokers that misuse or misrepresent how they handle Americans' personal data, including reproductive health information, may find themselves on the hook with the Federal Trade Commission, the agency warned this week. From a report: On Monday, the FTC renewed its vow to investigate or sue companies that use Americans' digital data in unfair or deceptive ways, following an executive order by the Biden administration that explicitly called for it and other agencies to consider steps to protect abortion-seekers. Since the Supreme Court decision overturning Roe v. Wade, civil liberties experts have warned that Americans' extensive digital footprints could give away whether they have visited an abortion clinic or sought information on how to access an abortion, prompting questions about the security of that data. "The misuse of mobile location and health information -- including reproductive health data -- exposes consumers to significant harm," the FTC said in a blog post. "The exposure of health information and medical conditions, especially data related to sexual activity or reproductive health, may subject people to discrimination, stigma, mental anguish, or other serious harms." It added: "The Commission is committed to using the full scope of its legal authorities to protect consumers' privacy. We will vigorously enforce the law if we uncover illegal conduct that exploits Americans' location, health, or other sensitive data."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=FTC+Warns+Tech+Companies+Against+Misusing+Health+Data%3A+https%3A%2F%2Fbit.ly%2F3yXZiei"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F12%2F185235%2Fftc-warns-tech-companies-against-misusing-health-data%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/12/185235/ftc-warns-tech-companies-against-misusing-health-data?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> msmash 2022-07-12T18:40:00+00:00 business tussle-continues yro 32 32,32,28,26,7,5,2 https://yro.slashdot.org/story/22/07/11/2116204/judge-rules-subway-can-be-sued-over-claims-that-its-tuna-sandwiches-contain-other-fish-species-or-animal-products?utm_source=rss1.0mainlinkanon&utm_medium=feed Sandwich chain Subway can be sued over claims it is allegedly misleading customers when it says its tuna products are in fact "100% tuna," a federal judge in California said Monday. From a report: The suit, originally brought by Oakland-area resident Nilima Amin in January 2021, claims Subway's tuna "partially or wholly lack tuna as an ingredient" and "contain other fish species, animal products, or miscellaneous products aside from tuna." The claims are based on testing performed at a UCLA marine biology laboratory. Subway has responded by saying any product that is not tuna in its tuna products would most likely be the result of cross-contact occurring as one of its employees prepares a sandwich.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Judge+Rules+Subway+Can+Be+Sued+Over+Claims+That+Its+Tuna+Sandwiches+Contain+Other+Fish+Species+or+Animal+Products%3A+https%3A%2F%2Fbit.ly%2F3nTSZ5f"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F11%2F2116204%2Fjudge-rules-subway-can-be-sued-over-claims-that-its-tuna-sandwiches-contain-other-fish-species-or-animal-products%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/11/2116204/judge-rules-subway-can-be-sued-over-claims-that-its-tuna-sandwiches-contain-other-fish-species-or-animal-products?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> msmash 2022-07-11T22:10:00+00:00 court don't-mess-with-tuna yro 79 79,79,70,61,14,6,4 https://tech.slashdot.org/story/22/07/11/2023254/hackers-uncover-ways-to-unlock-and-start-nearly-all-modern-honda-branded-vehicles?utm_source=rss1.0mainlinkanon&utm_medium=feed An anonymous reader quotes a report from The Drive: Hackers have uncovered ways to unlock and start nearly all modern Honda-branded vehicles by wirelessly stealing codes from an owner's key fob. Dubbed "Rolling Pwn," the attack allows any individual to "eavesdrop" on a remote key fob from nearly 100 feet away and reuse them later to unlock or start a vehicle in the future without owner's knowledge. Despite Honda's dispute that the technology in its key fobs "would not allow the vulnerability," The Drive has independently confirmed the validity of the attack with its own demonstration. Older vehicles used static codes for keyless entry. These static codes are inherently vulnerable, as any individual can capture and replay them at will to lock and unlock a vehicle. Manufacturers later introduced rolling codes to improve vehicle security. Rolling codes work by using a Pseudorandom Number Generator (PRNG). When a lock or unlock button is pressed on a paired key fob, the fob sends a unique code wirelessly to the vehicle encapsulated within the message. The vehicle then checks the code sent to it against its internal database of valid PRNG-generated codes, and if the code is valid, the car grants the request to lock, unlock, or start the vehicle. The database contains several allowed codes, as a key fob may not be in range of a vehicle when a button is pressed and may transmit a different code than what the vehicle is expecting to be next chronologically. This series of codes is also known as a "window," When a vehicle receives a newer code, it typically invalidates all previous codes to protect against replay attacks. This attack works by eavesdropping on a paired keyfob and capturing several codes sent by the fob. The attacker can later replay a sequence of valid codes and re-sync the PRNG. This allows the attacker to re-use older codes that would normally be invalid, even months after the codes have been captured. [...] Contrary to Honda's claim, I independently confirmed the vulnerability by capturing and replaying a sequence of lock and unlock requests with my 2021 Honda Accord and a Software-Defined Radio. Despite being able to start and unlock the car, the vulnerability doesn't allow the attacker to actually drive off with the vehicle due to the proximity functionality of the key fob. However, the fact that a bad actor can get this far is already a bad sign. At this time, the following vehicles may be affected by the vulnerability: 2012 Honda Civic, 2018 Honda X-RV, 2020 Honda C-RV, 2020 Honda Accord, 2021 Honda Accord, 2020 Honda Odyssey, 2021 Honda Inspire, 2022 Honda Fit, 2022 Honda Civic, 2022 Honda VE-1, and 2022 Honda Breeze. It's not yet clear if this affects any Acura-branded vehicles. "[W]e've looked into past similar allegations and found them to lack substance," said a Honda spokesperson in a statement to The Drive. "While we don't yet have enough information to determine if this report is credible, the key fobs in the referenced vehicles are equipped with rolling code technology that would not allow the vulnerability as represented in the report. In addition, the videos offered as evidence of the absence of rolling code do not include sufficient evidence to support the claims."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Hackers+Uncover+Ways+To+Unlock+and+Start+Nearly+All+Modern+Honda-Branded+Vehicles%3A+https%3A%2F%2Fbit.ly%2F3c62Xh3"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F22%2F07%2F11%2F2023254%2Fhackers-uncover-ways-to-unlock-and-start-nearly-all-modern-honda-branded-vehicles%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://tech.slashdot.org/story/22/07/11/2023254/hackers-uncover-ways-to-unlock-and-start-nearly-all-modern-honda-branded-vehicles?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> BeauHD 2022-07-11T20:50:00+00:00 transportation significant-vulnerabilities technology 38 38,35,33,27,6,4,0 https://yro.slashdot.org/story/22/07/11/1352207/myanmars-junta-rolls-out-chinese-camera-surveillance-systems-in-more-cities?utm_source=rss1.0mainlinkanon&utm_medium=feed Myanmar's junta government is installing Chinese-built cameras with facial recognition capabilities in more cities across the country, Reuters reported Monday, citing three people with direct knowledge of the matter. From the report: In tenders to procure and install the security cameras and facial recognition technology, the plans are described as safe city projects aimed at maintaining security and, in some cases, preserving civil peace, said the people who are or have been involved in the projects. Since the February 2021 coup, local authorities have started new camera surveillance projects for at least five cities including Mawlamyine - the country's fourth-largest city, according to information from the three people who asked not to be identified for fear of reprisals by the junta. The new projects are in addition to five cities where camera systems touted as crime prevention measures were either installed or planned by the previous government led by Aung San Suu Kyi, according to the sources and local media.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Myanmar's+Junta+Rolls+Out+Chinese+Camera+Surveillance+Systems+in+More+Cities%3A+https%3A%2F%2Fbit.ly%2F3NS2XyJ"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F11%2F1352207%2Fmyanmars-junta-rolls-out-chinese-camera-surveillance-systems-in-more-cities%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/11/1352207/myanmars-junta-rolls-out-chinese-camera-surveillance-systems-in-more-cities?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> msmash 2022-07-11T14:40:00+00:00 china shape-of-things-to-come yro 27 27,27,21,20,3,2,2 https://yro.slashdot.org/story/22/07/11/0458240/the-three-reasons-why-elon-musk-called-off-his-acquisition-of-twitter?utm_source=rss1.0mainlinkanon&utm_medium=feed Elon Musk just tweeted a picture of himself laughing &mdash; along with a caption he'd apparently added himself. "They said I couldn't buy Twitter. Then they wouldn't disclose bot info. Now they want to force me to buy Twitter in court. Now they have to disclose bot info in court." In fact, tonight The Register cited one of the documents Twitter filed in court after Musk's lawyer argued Twitter had "failed or refused" to provide info on spam accounts. But so far it's just a letter Musk's lawyer wrote to the court on Friday, explaining in more detail why Musk wants to call off the acquisition: One segment of the document claims that Musk and his team sought "a variety of board materials, including a working, bottom-up financial model for 2022, a budget for 2022, an updated draft plan or budget, and a working copy of Goldman Sachs' valuation model underlying its fairness opinion." "Twitter has provided only a pdf copy of Goldman Sachs' final Board presentation." Other disclosures, the document states, "come with strings attached, use limitations or other artificial formatting features, which has rendered some of the information minimally useful to Mr. Musk and his advisors. "For example, when Twitter finally provided access to the eight developer 'APIs' first explicitly requested by Mr. Musk in the May 25 Letter, those APIs contained a rate limit lower than what Twitter provides to its largest enterprise customers. Twitter only offered to provide Mr. Musk with the same level of access as some of its customers after we explained that throttling the rate limit prevented Mr. Musk and his advisors from performing the analysis that he wished to conduct in any reasonable period of time. "Additionally, those APIs contained an artificial 'cap' on the number of queries that Mr. Musk and his team can run regardless of the rate limit &mdash; an issue that initially prevented Mr. Musk and his advisors from completing an analysis of the data in any reasonable period of time," the document states. Musk and his team raised the issue of query limits on June 29, but Twitter did not change the limit until July 6 &mdash; after Musk asked for its removal a second time.... Musk felt Twitter was in breach of the merger agreement. So he pulled the plug, leaving open the questions of why Twitter might have provided only limited access to its APIs, or why it could not offer more access given it operates at significant scale. In fact, it's one of three reasons for ending the acquisition that Musk's lawyer makes in the letter. Materially-relevant figures on spam accounts were reason number one. ("Twitter has not provided information that Mr. Musk has requested for nearly two months notwithstanding his repeated, detailed clarifications intended to simplify Twitter's identification, collection, and disclosure of the most relevant information sought in Mr. Musk's original requests.") But there's more... Musk's lawyer also argues Twitter is in breach of the merger agreement because of "materially inaccurate representations" &mdash; specifically their figures on monetizable daily active users. While Musk's analysis "remains ongoing, all indications suggest that several of Twitter's public disclosures...are either false or materially misleading." While Twitter has claimed they have a reasoned process for calculating monetizable daily active users (and the percentage of spam accounts), Musk's lawyer argues that instead the process "appears to be arbitrary and ad hoc," rendering Twitter's statements "false and misleading." And thus, "Mr. Musk has the right to seek rescission of the Merger Agreement in the event these material representations are determined to be false." But finally Musk's lawyer provides a third reason for ending the acquisition. Twitter was required to "seek and obtain consent before deviating from its obligation to conduct its business in the ordinary course and 'preserve substantially intact the material components of its current business organization.'" The lawyer's letter argues that didn't happen: Twitter's conduct in firing two key, high-ranking employees, its Revenue Product Lead and the General Manager of Consumer, as well as announcing on July 7 that it was laying off a third of its talent acquisition team, implicates the ordinary course provision. Twitter has also instituted a general hiring freeze which extends even to reconsideration of outstanding job offers. Moreover, three executives have resigned from Twitter since the Merger Agreement was signed: the Head of Data Science, the Vice President of Twitter Service, and a Vice President of Product Management for Health, Conversation, and Growth. But Twitter hadn't received "consent for changes in the conduct of its business, including for the specific changes listed above," according to Musk's lawyer, which "therefore constitute a material breach of Section 6.1 of the Merger Agreement."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=The+Three+Reasons+Why+Elon+Musk+Called+Off+His+Acquisition+of+Twitter%3A+https%3A%2F%2Fbit.ly%2F3AJvX8K"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F11%2F0458240%2Fthe-three-reasons-why-elon-musk-called-off-his-acquisition-of-twitter%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/11/0458240/the-three-reasons-why-elon-musk-called-off-his-acquisition-of-twitter?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2022-07-11T07:34:00+00:00 court tweet-dreams yro 352 352,343,302,258,47,20,16 https://news.slashdot.org/story/22/07/11/0243224/efforts-to-acquire-pegasus-spywares-company-backed-by-us-spies-says-stingray-maker?utm_source=rss1.0mainlinkanon&utm_medium=feed The New York Times describes Pegasus as "a 'zero-click' hacking tool that can remotely extract everything from a target's mobile phone [and] turn the mobile phone into a tracking and recording device." But they also report that the tool's "notorious" maker, NSO Group, was visited "numerous times" in recent months by a executives from American military contractor L3Harris &mdash; makes of the cellphone-tracking Stingray tool &mdash; who'd wanted to negotiate a purchase of the company. Their first problem? The U.S. government had blacklisted NSO Group in November, saying Pegasus had been used to compromise phones of political leaders, human rights activists and journalists. But five people familiar with the negotiations said that the L3Harris team had brought with them a surprising message that made a deal seem possible. American intelligence officials, they said, quietly supported its plans to purchase NSO, whose technology over the years has been of intense interest to many intelligence and law enforcement agencies around the world, including the F.B.I. and the C.I.A. The talks continued in secret until last month, when word of NSO's possible sale leaked and sent all the parties scrambling. White House officials said they were outraged to learn about the negotiations, and that any attempt by American defense firms to purchase a blacklisted company would be met by serious resistance.... Left in place are questions in Washington, other allied capitals and Jerusalem about whether parts of the U.S. government &mdash; with or without the knowledge of the White House &mdash; had seized an opportunity to try to bring control of NSO's powerful spyware under U.S. authority, despite the administration's very public stance against the Israeli firm.... [NSO Group] had seen a deal with the American defense contractor as a potential lifeline after being blacklisted by the Commerce Department, which has crippled its business. American firms are not allowed to do business with companies on the blacklist, under penalty of sanctions. As a result, NSO cannot buy any American technology to sustain its operations &mdash; whether it be Dell servers or Amazon cloud storage &mdash; and the Israeli firm has been hoping that being sold to a company in the United States could lead to the sanctions being lifted.... L3 Harris's representatives told the Israelis that U.S. intelligence agencies supported the acquisition as long as certain conditions were met, according to five people familiar with the discussions. One of the conditions, those people said, was that NSO's arsenal of "zero days" &mdash; the vulnerabilities in computer source code that allow Pegasus to hack into mobile phones &mdash; could be sold to all of the United States' partners in the so-called Five Eyes intelligence sharing relationship. The other partners are Britain, Canada, Australia and New Zealand. "Several people familiar with the talks said there have been attempts to resuscitate the negotiations..."<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status=Efforts+to+Acquire+Pegasus+Spyware's+Company+Backed+by+US+Spies%2C+Says+Stingray+Maker%3A+https%3A%2F%2Fbit.ly%2F3OZRpKX"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F22%2F07%2F11%2F0243224%2Fefforts-to-acquire-pegasus-spywares-company-backed-by-us-spies-says-stingray-maker%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://news.slashdot.org/story/22/07/11/0243224/efforts-to-acquire-pegasus-spywares-company-backed-by-us-spies-says-stingray-maker?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2022-07-11T03:34:00+00:00 usa spy-vs-spy news 23 23,22,16,15,7,3,3 https://yro.slashdot.org/story/22/07/10/199234/toward-a-future-we-want-to-live-in---eff-celebrates-32nd-birthday?utm_source=rss1.0mainlinkanon&utm_medium=feed "Today at the Electronic Frontier Foundation, we're celebrating 32 years of fighting for technology users around the world," reads a new announcement posted at EFF.org: If you were online back in the 90s, you might remember that it was pretty wild. We had bulletin boards, FTP, Gopher, and, a few years later, homespun websites. You could glimpse a future where anyone, anywhere in the world could access information, float new ideas, and reach each other across vast distances. It was exciting and the possibilities seemed endless. But the founders of EFF also knew that a better future wasn't automatic. You don't organize a team of lawyers, technologists, and activists because you think technology will magically fix everything &mdash; you do it because you expect a fight. Three decades later, thanks to those battles, the internet does much of what it promised: it connects and lifts up major grassroots movements for equity, civil liberties, and human rights and allows people to connect and organize to counteract the ugliness of the world. But we haven't yet won that future we envisioned. Just as the web connects us, it also serves as a hunting ground for those who want to surveil and control our actions, those who wish to harass and spread hate, as well as others who seek to monetize our every move and thought. Information collected for one purpose is freely repurposed in ways that oppress us, rather than lift us up. The truth is that digital tools allow those with horrible ideas to connect with each other just as it does those with beautiful, healing ones. EFF has always seen both the beauty and destructive potential of the internet, and we've always put our marker down on the side of justice, freedom, and innovation. We work every day toward a future we want to live in, and we don't do it alone. Support from the public makes every one of EFF's activism campaigns, software projects, and court filings possible. Together, we anchor the movement for a better digital world, and ensure that technology supports freedom, justice, and innovation for all people of the world. In fact, I invite every digital freedom supporter to join EFF during our summer membership drive. Right now, you can be a member for as little as $20, get some special new gear, and ensure that tech users always have a formidable defender in EFF. So how does the EFF team celebrate this auspicious anniversary? EFF does what it does best: stand up for users and innovators in the courts, in the halls of power, in the public conversation. We build privacy-protecting tools, teach skills to community members, share knowledge with allies, and preserve the best aspects of the wild web. In other words, we use every tool in our deep arsenal to fight for a better and brighter digital future for all. Thank you for standing with EFF when it counts.<p><div class="share_submission" style="position:relative;"> <a class="slashpop" href="http://twitter.com/home?status='Toward+a+Future+We+Want+to+Live+In'+-+EFF+Celebrates+32nd+Birthday%3A+https%3A%2F%2Fbit.ly%2F3NWnBO9"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F22%2F07%2F10%2F199234%2Ftoward-a-future-we-want-to-live-in---eff-celebrates-32nd-birthday%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> </div></p><p><a href="https://yro.slashdot.org/story/22/07/10/199234/toward-a-future-we-want-to-live-in---eff-celebrates-32nd-birthday?utm_source=rss1.0moreanon&amp;utm_medium=feed">Read more of this story</a> at Slashdot.</p> EditorDavid 2022-07-10T19:13:00+00:00 eff tomorrow-land yro 25 25,23,22,20,5,2,0 Search Slashdot stories query https://yro.slashdot.org/search.pl