Geek Stuff

WhatsApp Is Rolling Out Video Calls On Its Android App

Slashdot -

WhatsApp appears to be rolling out its video calling feature for beta users of the Android app. The arrival of the feature was first spotted by Android Police, which found that an updated app interface caused some users of the beta builds of the application to be able to access video calling. TechCrunch reports: For those on a version of WhatsApp which includes video calling support, you're able to tap the call button or tap on a contact card to kick off a video call. In this case, a new dialog box will appear, offering the choice between a standard voice call and a video call. In addition, the call log will show which calls were made via video by annotating them with the camera icon, instead of the telephone icon. However, there isn't yet a way to call other WhatsApp users who don't also have video calling support. If you try to, WhatsApp defaults to a voice call. Android isn't the only platform where video calling has been switched on. Last week, some users on the WhatsApp beta for Windows Phone were also surprised to find that the feature was now functional. And in this case, it didn't require an app update -- indicating a server-side change could enable it. Some users have also reported seeing the feature on iOS.

Read more of this story at Slashdot.

Rich People Pay Less Attention To Other People, Says Study

Slashdot -

An anonymous reader quotes a report from Business Insider: In a small recent study, researchers from New York University found that those who considered themselves in higher classes looked at people who walked past them less than those who said they were in a lower class did. The results were published in the journal of the Association for Psychological Science. According to Pia Dietze, a social psychology doctoral student at NYU and a lead author of the study, previous research has shown that people from different social classes vary in how they tend to behave towards other people. So, she wanted to shed some light on where such behaviors could have originated. The research was divided into three separate studies. For the first, Dietze and NYU psychology lab director Professor Eric Knowles asked 61 volunteers to walk along the street for one block while wearing Google Glass to record everything they looked at. These people were also asked to identify themselves as from a particular social class: either poor, working class, middle class, upper middle class, or upper class. An independent group watched the recordings and made note of the various people and things each Glass wearer looked at and for how long. The results showed that class identification, or what class each person said they belonged to, had an impact on how long they looked at the people who walked past them. During Study 2, participants viewed street scenes while the team tracked their eye movements. Again, higher class was associated with reduced attention to people in the images. For the third and final study, the results suggested that this difference could stem from the way the brain works, rather than being a deliberate decision. Close to 400 participants took part in an online test where they had to look at alternating pairs of images, each containing a different face and five objects. Whereas higher class participants took longer to notice when the face was different in the alternate image compared to lower classes, the amount of time it took to detect the change of objects did not differ between them. The team reached the conclusion that faces seem to be more effective in grabbing the attention of individuals who come from relatively lower class backgrounds.

Read more of this story at Slashdot.

New Study Shows HIV Epidemic Started Spreading In New York In 1970, Clears the Name of 'Patient Zero'

Slashdot -

An anonymous reader quotes a report from NBC News: A new genetic study confirms theories that the global epidemic of HIV and AIDS started in New York around 1970, and it also clears the name of a gay flight attendant long vilified as being "Patient Zero." Researchers got hold of frozen samples of blood taken from patients years before the human immunodeficiency virus (HIV) that causes AIDS was ever recognized, and teased out genetic material from the virus from that blood. They use it to show that HIV was circulating widely during the 1970s, and certainly before people began noticing a "gay plague" in New York in the early 1980s. "We can date the jump into the U.S. in about 1970 and 1971," Michael Worobey, an expert on the evolution of viruses at the University of Arizona, told reporters in a telephone briefing. Their findings also suggest HIV moved from New York to San Francisco in about 1976, they report in the journal Nature. Their findings confirm widespread theories that HIV first leapt from apes to humans in Africa around the beginning of the 20th century and circulated in central Africa before hitting the Caribbean in the 1960s. The genetic evidence supports the theory that the virus came from the Caribbean, perhaps Haiti, to New York in 1970. From there it spread explosively before being exported to Europe, Australia and Asia. The Worobey team also sequenced samples of virus taken from Gaetan Dugas, a Canadian flight attendant named as "Patient Zero." Dugas died in 1984 and stunned researchers when he told them he'd had about 250 sexual partners a year between 1979 and 1981, although it later became clear that was not uncommon. The sequences make it clear he was a victim of an epidemic that had already been raging, and not its originator, Worobey said. "It's shocking how this man's name has been sullied and destroyed by this incorrect history," said Peter Staley, a former Wall Street bond trader who became an AIDS activist in New York in the 1980s. "He was not Patient Zero and this study confirms it through genetic analysis," Staley told NBC News. "No one should be blamed for the spread of viruses," Worobey said.

Read more of this story at Slashdot.

Delta Now Lets You Track Your Baggage In Real-Time

Slashdot -

Let's face it, tracking down a lost bag at the airport is a pain-in-the-ass. While airlines will often compensate you with money and new clothes for your troubles, the experience is certainly not pleasant. Delta is now attempting to further reduce the number of lost bags through its real-time luggage tracker in the latest version of its mobile app. The Next Web reports: The feature apparently cost $50 million to build. It allows you to see where your stuff is -- provided that it's at one of the 84 airports that support Delta's new tracking tech. Here's how it works. All bags will get a Radio Frequency Identification (RFID) tag. This allows Delta to track them in real-time using radio waves. Scanners positioned throughout the baggage system will allow Delta to monitor where the bag is, and relay that information to the passenger. Delta has traditionally been one of the best airlines when it comes to handling baggage. During 2012, it lost only 200,000 bags. That sounds like a lot, but bear in mind it carried 98 million passengers during the same period. You can try the feature on your next Delta flight by grabbing the app from Google Play and the App Store.

Read more of this story at Slashdot.

Apple Delays AirPods Beyond Original 'Late October' Window

Slashdot -

An anonymous reader quotes a report from Ars Technica: Apple's new wireless, $180 AirPods have less than a week to meet their original shipping target of "late October," and now the company has confirmed that such a launch is officially off the table. A Wednesday statement, given to Ars Technica just one day ahead of the company's latest Mac-related press event, confirmed Apple's decision to delay the wireless headphones' launch. In the statement, Apple tells Ars that the company "needs a little more time before AirPods are ready for our customers." "The early response to AirPods has been incredible," the Apple statement reads. "We don't believe in shipping a product before it's ready." Apple declined to offer any estimate or release window information about when to expect the AirPods' official launch.

Read more of this story at Slashdot.

Tesla Posts Second Profitable Quarter Ever

Slashdot -

anderzole writes from a report via BGR: Tesla on Wednesday posted its earnings report for the quarter gone by and investors will have a lot to cheer about. While analysts on Wall St. were expecting Tesla to post a loss, Tesla during its September quarter actually posted a profit, and an impressive profit at that. When the dust settled, Tesla posted a quarterly profit of $22 million and EPS of $0.71. Revenue for the quarter checked in at $2.3 billion. Illustrating how impressive Tesla's performance was this past quarter, Wall St. was anticipating Tesla to post a loss amid $1.9 billion in revenue for the quarter. As far as deliveries are concerned, Tesla during the quarter boasted that it achieved record vehicle production, deliveries and revenue. More importantly, Tesla reaffirmed via a shareholder letter that the Model 3 is still on track for a late 2017 release. You can read Tesla's shareholder letter here.

Read more of this story at Slashdot.

What Do Trade Agreements Do for Open Access—And What Don't They Do?

EFF's Deeplinks -

“If you can't beat 'em, join 'em” seems to have become the tech industry's attitude towards the current crop of trade agreements, such as the Trade in Services Agreement (TISA) and the Trans-Pacific Partnership (TPP). Their reasoning is just as these agreements can be used by big content to export the most restrictive elements of U.S. copyright law around the world, so too they can be used to export provisions that favor U.S. Internet platforms, such as rules on the free flow of data across borders.

But what about provisions favoring open access? Could trade agreements ensure that U.S. policies on open access, such as the 2013 White House open access memo, are also part of our nation's trade policy?

They certainly could. But they don't. As we explained last year, the provisions that America's closed trade agreements lock into law would, if anything, place barriers in the way of open access initiatives, by enshrining tough protections for digital locks on content, criminally penalizing those who offer access to scholarly works without authority, and prohibiting TPP countries from requiring access to the source code of digital products.

The absence of support for open access in trade agreements comes as no surprise when considering that there are no representatives from the education sector, nor any library or archive representatives, in the relevant closed-door trade advisory committees that advise the U.S. Trade Representative on trade policy, such as the Intellectual Property Rights committee.

This contrasts with more open fora such as the World Intellectual Property Organization (WIPO), at which the library and archive communities are far better represented, and where the possibility of a future instrument that might preserve and promote open access policies is at least being openly discussed.

Open access has the potential to promote trade in high tech products and services, by assisting in the free flow of ideas and knowledge across borders and thereby stimulating innovation and business development around the world. In many ways, if we accept that intellectual property policy has a place in trade agreements at all, then open access rules should be a natural fit for inclusion amongst these rules.

The fact that open access policy hasn't rated so much of a mention in current trade discussions doesn't come as a surprise, but it does represent another indication of the irrelevance of these captured negotiations to large segments of the community, and of the pressing need for reform of the processes by which they are negotiated.

EFF is proud to participate in Open Access Week. Check back all week for opportunities to get involved with the fight for open access.

Share this: Join EFF

Empty Promises on Privacy for Foreigners Abroad in PPD-28

EFF's Deeplinks -

The Obama administration promised privacy protections for foreigners abroad, but PPD-28 fails to deliver those protections

In early 2014, still reeling from global outrage over recently uncovered surveillance programs, President Barack Obama pledged to rein in the U.S. government’s spying and boost privacy protections for people in the U.S. and abroad. His words were heartening:

“People around the world, regardless of their nationality, should know that the United States is not spying on ordinary people … and that we take their privacy concerns into account,” he said, standing in front of American flags at Justice Department headquarters in Washington, D.C.

Obama specifically pointed to Presidential Policy Directive 28, an executive branch document that set out new rules for how the government treats foreigners’ information. In Obama’s telling, PPD-28 took “the unprecedented step of extending certain protections that we have for the American people to people overseas.”

That sounds noble, but it vastly overstates how the protections work in practice.

In truth, the U.S. does not provide significant safeguards to protect the privacy rights of foreigners abroad from its surveillance programs. To the contrary, even after PPD-28 in 2014, the U.S. government has continued to seize and scan the communications of hundreds of millions of foreigners abroad with no ties to crime or national security threats. A huge number of those communications are then collected and made available for a wide range of further uses. In fact, while the U.S. has pointed to PPD-28 as a major protection for people around the world, that document marked no significant change to the actual surveillance the U.S. has been conducting.

The U.S. has an Americans-Only Approach to Privacy

For Americans, of course, the bedrock protection against their country spying on them is U.S. Constitution. But the U.S. maintains that because non-citizens located outside the U.S. largely lack constitutional rights, it can act in ways regarding foreigners that would be completely unconstitutional if those affected were Americans. It similarly excludes people outside the U.S. from the protections of most U.S. privacy laws, even when the actions of the U.S. government impact their privacy.

The U.S. is Ten Years Behind Europe

The U.S. is ten years behind Europe in requiring their government agencies to protect the privacy of noncitizens when government actions affect them. In 2006 and again in 2008 the European Court of Human Rights ruled that people and groups have privacy rights when it comes to surveillance conducted by other countries. In the 2008 case of Liberty and Others v. United Kingdom, the court ruled that the UK violated the privacy rights of two Ireland-based NGOs with its extraterritorial surveillance. In the 2006 case of Weber and Savaria v. Germany, the court was similarly prepared to consider the complaints of two residents of Uruguay against monitoring of their telecommunications by the German government.

The U.S. is Not Compliant with International Law

Even after PPD-28 was issued, the United Nations’ independent experts on human rights explicitly criticized the U.S. for its Americans-only approach to privacy protections. In its report on U.S. surveillance practices, the Human Rights Committee welcomed PPD-28 but expressed concerns that it provided “only limited protection against excessive surveillance” and “that the persons affected have no access to effective remedies in the case of abuse.” It urged:

[M]easures should be taken to ensure that any interference with the right to privacy complies with the principles of legality, proportionality and necessity, regardless of the nationality or location of the individuals whose communications are under direct surveillance.

Similarly, in 2013 the United Nations rejected attempts by the U.S. to limit its responsibilities to just protections Americans in a recitation [.pdf], stating that it was:

Deeply concerned at the negative impact that surveillance and/or interception of communications, including extraterritorial surveillance and/or interception of communications, as well as the collection of personal data, in particular when carried out on a mass scale, may have on the exercise and enjoyment of human rights.

The UN expressly recognized that international law includes a duty on a state to respect the human rights of persons physically outside the state but whose rights are interfered with by the state’s actions within its borders. The U.S. has not met this duty.

PPD-28 Loopholes and Limits

People around the world were hopeful that President Obama’s statement meant that the U.S. would finally recognize that it must provide foreigners with meaningful protection against U.S. surveillance. And PPD-28 sounds good, providing that  “all persons are entitled to respect, regardless of their nationality” and directing the U.S. government to apply data protections policies and procedures equally to all persons regardless of nationality.

But, as the U.N. noted, PPD-28 has not resulted in meaningful protections for foreigners. While PPD-28 speaks of harmonizing protections for all people, it has a number of loopholes. And because foreigners, unlike U.S. citizens, receive essentially no other protections in U.S. law, these loopholes are especially significant.

The NSA’s policies and procedures under PPD-28 contain a glaring loophole that exempts data that is “temporarily acquired to facilitate targeted collection.” One example of data that is seemingly exempted under the loophole is anything collected through the U.S. government’s Upstream surveillance, which involves the collection of billions of foreign communications. The government then searches that data in order to perform “targeted” surveillance. As a result, all foreign communications that are acquired as part of the government’s access to the Internet backbone through Upstream are seemingly unprotected by PPD-28. Of course, this is a privacy violation that the government applies equally to Americans, so U.S. citizens also largely suffer from this same disproportionate collection and, to a lesser extent, mass searching.

Perhaps even more important, PPD-28 contains an explicit authorization to collect and use foreigners’ communications in bulk under a broad set of circumstances. By contrast, U.S. citizens are not supposed to be subject to bulk collection under any circumstances (although we know that’s not true in practice). As a result, PPD-28’s authorization to engage in bulk collection about foreigners represents a significant disparity. Also under PPD-28, the U.S. government has sweeping authority to forward, use, and retain foreigners’ communications collected in bulk in order to deal with six exceedingly broad categories of threats, including espionage “against the United States and its interests,” “cybersecurity threats,” and “transnational criminal threats.”

The Rest of U.S. Law is Little Help

The rest of U.S. law is also of little help when it comes to protecting the privacy of foreigners abroad, in that it allows the U.S. to specifically target them for spying for broadly defined foreign intelligence purposes.

Under FISA Amendments Act Section 702, for example, surveillance of non-U.S. citizens outside the U.S. is subject only to the limitation that a “significant purpose” of the surveillance be to gather “foreign intelligence information.” The term “foreign intelligence information” is expansively defined and constitutes any information that “relates to” a foreign power or territory and the United States’ foreign affairs, national defense, or security. And for surveillance conducted outside the U.S. under Executive Order 12333, the definition of “foreign intelligence” is even broader, including information that is merely related to the “capabilities, intentions and activities of foreign powers, organizations or persons.” Reported examples of surveillance undertaken for a “foreign intelligence” purpose under one or both definitions include economic targets such as Venezuelan and Brazilian oil companies. Once either of these indefinite standards – which are never reviewed by a neutral third party – are satisfied, the U.S. Government’s surveillance powers against foreigners is nearly absolute.  

Further underscoring the U.N.’s concerns, the availability of judicial review or any redress for this surveillance is severely limited. The massive secrecy surrounding these activities means that – similar to U.S. persons in our Jewel v. NSA case and others – the U.S. government would argue that foreigners abroad do not have sufficient proof of any use or misuse of their information to maintain standing in U.S. courts. We are fighting that position, of course, but the pathway is likely even more difficult for foreigners abroad affected by U.S. mass surveillance.

While the U.S. does have some requirements to notify surveillance subjects under FISA, those requirements are very narrow.  FISA requires such notice only when the government intends to use evidence against those “aggrieved persons” in a court proceeding. But by its nature, foreign intelligence surveillance rarely leads to criminal or other court proceedings. And even within that requirement, the government reads its obligation exceedingly narrowly. In practice, the government has notified fewer than a dozen “aggrieved persons” subject to surveillance under Section 702 out of the millions of individuals likely implicated in the hundreds of millions of communications collected annually. None of those notified have been foreigners abroad.

The Result: the U.S. Promise to Protect Foreigners Is Largely Illusory

Taken together, the U.S. government’s refusal to consider basic privacy rights for foreigners abroad, the glaring loopholes in PPD-28, and the inability for foreigners to learn about or challenge online surveillance means the protections Obama promised with PPD-28 back In 2014 are largely illusory. Remember that the next time you hear a U.S. official defend the government’s surveillance programs and their so-called privacy protections for foreigners abroad.

Related Cases: Jewel v. NSA
Share this: Join EFF

AI-Powered Body Scanners Could Soon Speed Up Your Airport Check-in

Slashdot -

An anonymous reader shares a report on the Guardian:A startup bankrolled by Bill Gates is about to conduct the first public trials of high-speed body scanners powered by artificial intelligence (AI), the Guardian can reveal. According to documents filed with the US Federal Communications Commission (FCC), Boston-based Evolv Technology is planning to test its system at Union Station in Washington DC, in Los Angeles's Union Station metro and at Denver international airport. Evolv uses the same millimetre-wave radio frequencies as the controversial, and painfully slow, body scanners now found at many airport security checkpoints. However, the new device can complete its scan in a fraction of second, using computer vision and machine learning to spot guns and bombs. This means passengers can simply walk through a scanning gate without stopping or even slowing down -- like the hi-tech scanners seen in the 1990 sci-fi film Total Recall. A nearby security guard with a tablet is then shown either an "all-clear" sign, or a photo of the person with suspicious areas highlighted. Evolv says the system can scan 800 people an hour, without anyone having to remove their keys, coins or cellphones.

Read more of this story at Slashdot.

176 Original Emojis Join Van Gogh and Picasso At Museum of Modern Art

Slashdot -

If you happen to walk through the Museum of Modern Art in New York between December to March of next year, you may see 176 emoji on display next to Van Gogh and Picasso. On Wednesday, the museum announced that Shigetaka Kurita's original pictographs would be added to its collection. Los Angeles Times reports: Nearly two decades ago, Shigetaka Kurita was given the task of designing simple pictographs that could replace Japanese words for the growing number of cellphone users communicating with text messages. Kurita, who was working for the Japanese mobile carrier NTT Docomo at the time, came up with 176 of them, including oddities like a rocking horse, two kinds of umbrellas (one open, one closed) and five different phases of the moon. He called them emojis. An estimated 74% of Americans now use emojis every day, nudging the written word to the side in favor of a medium that can succinctly and playfully convey emotions in a society often more adept at texting than talking. That marriage of design and utility prompted the art world to take notice. Museum officials say emojis are the modern-day answer to an age-old tradition of communicating with pictures. "Emojis as a concept go back in the centuries, to ideograms, hieroglyphics and other graphic characters, enabling us to draw this beautiful arch that covers all of human history," said Paola Antonelli, a senior curator at MoMA. "There is nothing more modern than timeless concepts such as these."

Read more of this story at Slashdot.

How Vigilante Hackers Could Stop the Internet of Things Botnet

Slashdot -

An anonymous reader quotes a report from Motherboard: Some have put forth a perhaps desperate -- and certainly illegal -- solution to stop massive internet outages, like the one on Friday, from happening: Have white-hat vigilante hackers take over the insecure Internet of Things that the Mirai malware targets and take them away from the criminals. Several hackers and security researchers agree that taking over the zombies in the Mirai botnet would be relatively easy. After all, if the "bad guys" Mirai can do it, a "good guys" Mirai -- perhaps even controlled by the FBI -- could do the same. The biggest technical hurdle to this plan, as F-Secure chief research officer Mikko Hypponen put it, is that once it infects a device, Mirai "closes the barn door behind it." Mirai spreads by scanning the internet for devices that have the old-fashioned remote access telnet protocol enabled and have easy to guess passwords such as "123456" or "passwords." Then, once it infects them, it disables telnet access, theoretically stopping others from doing the same. The good news is that the code that controls this function actually doesn't at times work very well, according to Darren Martyn, a security researcher who has been analyzing the malware and who said he's seen some infected devices that still have telnet enabled and thus can be hacked again. Also, Mirai disappears once an infected device is rebooted, which likely happens often as owners of infected cameras and DVRs try to fix their devices that suddenly have their bandwidth saturated. The bad news is that the Mirai spreads so fast that a rebooted, clean, device gets re-infected in five minutes, according to the estimates of researchers who've been tracking the botnets. So a vigilante hacker has a small window before the bad guys come back. The other problem is what a do-gooder hacker could do once they took over the botnet. The options are: brick the devices, making them completely unusable; change the default passwords, locking out even their legitimate owners; or try to fix their firmware to make them more resistant to future hack attempts, and also still perfectly functioning. The real challenge of this whole scenario, however, is that despite being for good, this is still illegal. "No one has any real motivation to do so. Anyone with the desire to do so, is probably afraid of the potential jail time. Anyone not afraid of the potential jail time...can think of better uses for the devices," Martyn told Motherboard, referring to criminals who can monetize the Mirai botnet.

Read more of this story at Slashdot.

Canadian Police Are Texting Potential Murder Witnesses

Slashdot -

On Thursday, the Ontario Provincial Police (OPP) will send text messages to anybody who was in the vicinity of a murder in the hopes that one of them will have information that can help catch the culprit. One of the recipients may even be the killer. Others may wonder how the police obtained their phone number in the first place, or knew where they were on the day in question. From a Motherboard report: The OPP is ramping up its efforts to find the murderer of 65-year-old hitchhiker John Hatch, who was found dead near Erin, Ontario, on December 17, 2015. He was last seen alive the day before, outside Ottawa. Now, the OPP has announced what it's describing as a "new investigative technique" for the force: obtaining the phone numbers of everyone who was in the area where and when Hatch was last seen alive, via a court order, and sending each person a text message directing them to a police website. If they follow those instructions, they'll be asked a series of online questions. According to digital privacy lawyer David Fraser, this technique is known as a "tower dump" -- essentially asking telecom companies for information about everyone who connected to a certain cellphone tower, at a given time. If the police plan on using this technique again, its future uses could have unintended effects, Frasier said.

Read more of this story at Slashdot.

Comcast Sues Nashville To Halt Rules That Give Google Fiber Faster Access To Utility Poles

Slashdot -

An anonymous reader quotes a report from Ars Technica: Comcast yesterday sued the Nashville metro government and mayor to stop a new ordinance designed to give Google Fiber faster access to utility poles. Comcast's complaint in U.S. District Court in Nashville (full text) is similar to one already filed by AT&T last month. Both ISPs are trying to invalidate a One Touch Make Ready ordinance that lets new ISPs make all of the necessary wire adjustments on utility poles themselves instead of having to wait for incumbent providers like AT&T and Comcast to send work crews to move their own wires. The ordinance was passed largely to benefit Google Fiber, which is offering service in Nashville but says that it hasn't been able to deploy faster because it is waiting to get access to thousands of poles. Nearly all the Nashville utility poles are owned either by the municipal Nashville Electric Service or AT&T. Because Comcast has wires on many of the poles, it has some control over how quickly Google Fiber can expand its network. When Google Fiber wants to attach wires to a new pole, it needs to wait for ISPs like Comcast to move their wires to make room for Google Fiber's. The Nashville One Touch Make Ready ordinance "permits third parties to move, alter, or rearrange components of Comcast's communications network attached to utility poles without Comcast's consent, authorization, or oversight, and with far less notice than is required by federal law and by an existing Comcast contract with Metro Nashville," Comcast's complaint said. Comcast asked the court to declare the ordinance invalid and permanently enjoin Nashville from enforcing it. The pre-existing Make Ready process "seek[s] to ensure that all providers can share available pole space cooperatively and safely, without interfering with or damaging any provider's equipment or services," Comcast said. The new procedures mandated by Nashville "are so intrusive that, tellingly, Metro Nashville has wholly exempted its own utility pole attachments from the Ordinance's coverage." Even though Google Fiber announced yesterday that it will pause operations and cut 9% of its staff, the ISP said it would continue operations in Nashville.

Read more of this story at Slashdot.

Verizon Says Yahoo Name Isn't Going Away

Slashdot -

Verizon is treading carefully with Yahoo, but still wants to seal the deal. From a CNET report: "The deal makes strategic sense," said Marni Walden, the executive vice president of business innovation for Verizon and the person who pushed for the acquisition. "We won't jump off of a cliff blindly." She continues to believe there's value in the Yahoo name, noting that it won't go away if Verizon completes its acquisition. Brands like Yahoo Mail and Yahoo Finance still draw plenty of eyeballs, and offer the kind of audience that Verizon and AOL lack, she said during a keynote session at The Wall Street Journal Digital conference on Wednesday. Her comments come just weeks after Yahoo disclosed a 2014 breach exposed at least 500 million accounts, making it the worst hack in history. Shortly after, reports found that Yahoo had participated in a government program to sniff user emails, further eroding trust. Verizon said this all had the potential to cause a "material impact" to the deal, which could mean Yahoo takes a reduced price or the deal falls through altogether.

Read more of this story at Slashdot.

What U.S. Policy Makers Need to Know About Free Basics

EFF's Deeplinks -

The Washington Post recently reported on Facebook’s plans to introduce its international Free Basics app to American users. We have written about the problems with Free Basics before, and we are disappointed that Facebook might be trying to repackage this controversial international program as a solution for domestic issues.

Providing Internet service should not endanger competition and user choice, particularly when it is targeted at underserved and marginalized user groups. But Free Basics realizes the greatest dangers of zero-rating and does exactly that. Free Basics in the U.S. would give Facebook—a private entity with no public mandate from citizens—the ability to decide the content and websites to which low-income and rural Americans should have access.

Based on its performance in other countries, there is no reason to believe that Free Basics will address the “digital divide” among American citizens. Instead, the evidence points to Free Basics exacerbating existing digital exclusion and leaving its users with the same problem they started with: scarce, unreliable, expensive access to the open Internet.

Free Basics is not “free Internet access.”

Free Basics is a zero-rated app—that is, certain Internet service providers partner with Facebook to give users free access to the app’s suite of content without digging into their data plan. Although it is country-specific, Free Basics content typically includes news, health, weather, and education—and, of course, Facebook itself.

This is not “free Internet access." More accurately, Free Basics offers free access to some Internet content on some carriers. This distinction is crucial. For users without fast, reliable coverage already available in their area, or users who do not use a carrier that partners with Free Basics, the offer of free content from Free Basics is useless.

Free Basics comes with a rocky international track record.

Launched in July 2014 as part of Facebook’s international initiative to connect “the next billion” to the Internet in developing countries, the Free Basics app has expanded to 49 countries—and regulatory responses have varied. The app has been specifically outlawed in India and Chile, and suspended in Egypt. In India in particular, a strong entrepreneurial community led the charge against the prospects of Free Basics’ deleterious effect on competition for smaller local start-ups. Now, Facebook appears to be fleeing controversy abroad in the hopes of a friendlier regulatory outlook at home.

Free Basics will not save Americans money.

Facebook’s international Free Basics initiative is often justified by the “on-ramp” argument. The idea is that selectively subsidizing mobile data for low-income, previously unconnected users will jump-start their awareness of the Internet, prompt them to buy larger data plans, and ultimately act as an “on-ramp” to bring more people onto the open Internet. This claim is often bolstered with an unsubstantiated statistic that 50% of Free Basics users pay for data within 30 days of first using it.

But this argument doesn’t hold up in practice. The American version of Free Basics would propose to serve rural and low-income Americans for whom high data prices are an insurmountable barrier to getting online. The “on-ramp” justification for this is that exposure to an application like Free Basics will inspire them to buy more data—the very data that was restrictively expensive to begin with. Free Basics will not save communities money in the long term. In the short term, it only distracts attention away from the bigger challenge of developing the local infrastructure needed to achieve sustainable Internet prices.

Free Basics does not solve the right problems—and it creates new ones.

Free Basics addresses only one barrier to Internet adoption and use: cost. Cost is no doubt a significant issue—but it is not the only barrier Americans face to digital inclusion. National disparities in connection speed, signal stability, education, and digital literacy all play a role in creating these digital “haves” and “have nots.” Pew Research finds that a third of non-Internet-using Americans did not go online because they did not think the Internet was interesting or relevant to them, and another third found the Internet too difficult to use. In comparison, the cost of Internet service or owning a computer was a deciding factor for only 19% of non-users. Instead, demographics are key: the groups least likely to use the Internet in America are seniors over 65 years old, and those with less than a high school education.

Free Basics may exacerbate these existing demographic inequalities, creating a “poor Internet for poor people.” Free Basics offers a truncated version of the Internet that disincentivizes exploring beyond the services offered for free; that is no solution to the problems of interest and digital literacy that stand in most American non-users’ way. Presenting a cost-oriented initiative like Free Basics as the solution does not capture the complexity of Internet inequalities, and risks exaggerating the depth of understanding we have about how and why some Americans are systematically excluded from Internet participation.

Users at home and abroad prefer the open Internet.

Users’ preferences are diverse and unique, and zero-rating schemes like Free Basics tend to not address them.

Internationally, the Alliance for Affordable Internet’s eight-country study on emerging mobile data models in developing countries—including Free Basics—found the vast majority of users preferring access to the full Internet, even when it came with limitations like a data cap or a steep price, over access to some of the Internet without any of those limitations. Studies in India [PDF] and Ghana independently confirmed this finding. Across the countries where Free Basics has already launched, users would rather pay for an all-access plan than get limited access like Free Basics for free.

In the U.S., user preferences are similarly incompatible with Free Basics—in particular, incompatible with a model in which only certain pre-approved applications are zero-rated. A recent study on alternative zero-rating models found that American users were interested in zero-rated services in general, but they did not agree on which services should be zero-rated. Many wanted popular services like Netflix and Instagram to be zero-rated, but even more preferred zero-rated access to more obscure, low-traffic, niche sites and applications. With these varying user preferences and interests in mind, the one-size-fits-all “walled garden” of Free Basics cannot adequately serve diverse users.

The bottom line: let users choose, not Facebook.

If carriers engage in zero-rating programs at all, those programs should be narrowly tailored to address pressing access problems. A program broadly conceived for developing country audiences, but now potentially deployed to domestic users, does not fit that bill. Even more importantly, carriers should use zero-rating models that allow users and edge providers, not carriers or Facebook, to decide what content gets zero-rated.

Share this: Join EFF

Dyn DNS DDoS Likely The Work of Script Kiddies, Says FlashPoint

Slashdot -

While nobody knows exactly who was responsible for the internet outrage last Friday, business risk intelligence firm FlashPoint released a preliminary analysis of the attack agains Dyn DNS, and found that it was likely the work of "script kiddies" or amateur hackers -- as opposed to state-sponsored actors. TechCrunch reports: Aside from suspicion falling on Russia, various entities have also claimed or implied responsibility for the attack, including a hacking group called the New World Hackers and -- bizarrely -- WikiLeaks, which put a (perhaps joke) tweet suggesting some of its supporters might be involved. FlashPoint dubs these claims "dubious" and "likely to be false," and instead comes down on the side of the script kidding theory. Its reasoning is based on a few factors, including a detail it unearthed during its investigation of the attack: namely that the infrastructure used in the attack also targeted a well-known video game company. The attack on Dyn DNS was powered in part by a botnet of hacked DVRs and webcams known as Mirai. The source code for the malware that controls this botnet was put on Github earlier this month. And FlashPoint also notes that the hacker who released Mirai is known to frequent a hacking forum called hackforums[.]net. That circumstantial evidence points to a link between the attack and users and readers of the English-language hacking community, with FlashPoint also noting the forum has been known to target video games companies. It says it has "moderate confidence" about this theory. The firm also argues that the attacks do not seem to have been financially or politically motivated -- given the broad scope of the targets, and the lack of any attempts to extort money. Which just leaves the most likely being motivation to show off skills and disrupt stuff. Aka, script kiddies.

Read more of this story at Slashdot.

Samsung Sets Its Reputation on Fire With Bogus DMCA Takedown Notices

EFF's Deeplinks -

While there are countless examples of DMCA abuse, sometimes a story stands out. Last week, Samsung sent a series of takedown notices aimed at videos showing a GTA V mod in action. The modification replaced an in-game weapon with an exploding Samsung phone. Whether you think these videos are hilarious or in bad taste (or both), they are a parody inspired by real-life stories of Galaxy Note 7s catching fire. Samsung may not enjoy this commentary, but that does not excuse its abuse of the DMCA.

Still from Modded Games on YouTube

In our view, Samsung does not have a viable copyright claim against these YouTube videos. Even if Samsung does own a related copyright—perhaps in the design of its logo or in the phone’s screen image—it cannot use that copyright to control all depictions of its phones. Reviews and news coverage need to show images of the phone. And even snarky commentary, like footage of the GTA V mod, is fair use.

If it doesn’t have a viable copyright claim, why did Samsung send DMCA takedown notices? We asked Samsung’s counsel (the notices were sent on Samsung’s behalf by the 900-lawyer firm Paul Hastings LLP) but received no response. It appears that Samsung took the easy path to removing content it did not like by making a copyright claim where none existed. DMCA takedown notices are, by far, the quickest and easiest way to get speech removed from the Internet. That makes them irresistible for companies, individuals, and even governments eager to censor online speech.

DMCA abuse flourishes because, in practice, companies that send improper notices don’t face sufficiently serious consequences. This issue is currently before the Supreme Court in Lenz v. Universal. In that case, EFF represents Stephanie Lenz who posted a short video to YouTube showing her toddler son dancing to a Prince song. After Universal sent a takedown notice, Lenz sued arguing that the video was clearly fair use and  the notice was sent in bad faith. Last year, the Ninth Circuit ruled that copyright holders must consider fair use before sending a takedown notice. Unfortunately, the appeals court also set a very high bar for enforcing that standard. It held that senders of false infringement notices could be excused so long as they subjectively believed that the material was infringing, no matter how unreasonable that belief. Lenz has asked the Supreme Court to review that aspect of the ruling.

In the next week or two, the Supreme Court will decide whether or not it will hear Lenz’s appeal. We hope that it takes the case and provides users with the protection that Congress intended. In the meantime, we can only hope that DMCA abuse like Samsung’s backfires.

Related Cases: Lenz v. Universal
Share this: Join EFF

Noisy Coworkers And Other Sounds Are Top Distraction in Workplace, Study Says

Slashdot -

Sounds, especially those made by other humans, have ranked as the top distraction in the workplace, according to design expert Alan Hedge of Cornell. A staggering 74 percent of workers say they face "many" instances of disturbances and distractions from noise. Hedge says the noise is generally coming from another person, though it's much more disturbing when it's a machine that is making it. NPR reports: The popularity of open offices has exacerbated the problem. The University of California's Center for the Built Environment has a study showing workers are happier when they are in enclosed offices and less likely to take sick days. This does not bode well for some workers facing cold and flu season, when hacking coughs make the rounds. [...] Rue Dooley, an adviser at the Society for Human Resource Management, says HR professionals often call in, asking how to manage co-worker complaints about various bodily noises.

Read more of this story at Slashdot.

Microsoft launches new line of Surface Keyboard and mouse accessories

Liliputing -

Ahead of today’s Microsoft Surface Studio announcement, there had been rumors floating around that the company would launch an all-in-one desktop. We didn’t know it’s have a 4500 x 3000 pixel touchscreen display, support for a new accessory called the Surface Dial, or a hinge that lets you adjust the screen for writing or drawing. But we were pretty sure some sort of desktop was coming.

One reason? A new Surface Keyboard showed up at the FCC website earlier this month.

Continue reading Microsoft launches new line of Surface Keyboard and mouse accessories at Liliputing.

Repeat Infringers Can Be Mere Downloaders, Court Rules

Slashdot -

A 10-year-old copyright case has prompted an interesting opinion from a US appeals court. In determining the nature of a "repeat infringer" (which service providers must terminate to retain safe harbor), the court found these could be people who simply download infringing content for personal use. The case was filed by recording labels EMI and Capitol against the since long defunct music service MP3Tunes nearly a decade ago. The site allowed, among other things, the ability to store MP3 files and then play it remotely on other devices. The site also allowed users to search for MP3 files online and add them to MP3Tunes service. This is what the recording labels had a problem with, and they sued the site and the owner. TorrentFreak adds: The case went to appeal and yesterday the 2nd Circuit Court of Appeals handed down an opinion that should attract the attention of service providers and Internet users alike. The most interesting points from a wider perspective cover the parameters which define so-called 'repeat infringers.' [...] Noting that the District Court in the MP3Tunes case had also defined a 'repeat infringer' as a user who posts or uploads infringing content "to the Internet for the world to experience or copy", the Court of Appeals adds that the same court determined that a mere downloader of infringing content could not be defined as a repeat infringer "that internet services providers are obligated to ban from their websites." According to the Court of Appeal, that definition was too narrow. "We reject this definition of a 'repeat infringer,' which finds no support in the text, structure, or legislative history of the DMCA. Starting with the text, we note that the DMCA does not itself define 'repeat infringers'," the opinion reads. Noting that 'repeat' means to do something "again or repeatedly" while an 'infringer' is "[s]omeone who interferes with one of the exclusive rights of a copyright," the Court of Appeals goes on to broaden the scope significantly. [...] The notion that the term 'repeat infringer' can now be applied to anyone who knowingly (or unknowingly) downloads infringing content on multiple occasions is likely to set pulses racing. How it will play out in practical real-world scenarios will remain to be seen, but it's certainly food for thought.

Read more of this story at Slashdot.


Subscribe to debianHELP aggregator - Geek Stuff