Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
United Kingdom

For The UK's 'Snoopers' Charter', Politicians Voted Themselves An Exemption (independent.co.uk) 41

The "Snoopers' Charter" passed in the U.K. greatly expands the government's surveillance power. But before they'd enact the new Investigatory Powers Act, Britain's elected officials first voted to make themselves exempt from it. Sort of. An anonymous reader writes: While their internet browsing history will still be swept up, just like everyone else's, no one will ever be able to access it without specific approval from the Prime Minister. And according to The Independent, "That rule applies not only to members of the Westminster parliament but also politicians in the devolved assembly and members of the European Parliament."
The article adds that the exemption was the very first amendment they approved for the legislation. And for a very long time, the only amendment.
The Courts

It Will Soon Be Illegal To Punish US Customers Who Criticize Businesses Online (arstechnica.com) 79

An anonymous reader writes: Congress has passed a law protecting the right of U.S. consumers to post negative online reviews without fear of retaliation from companies. The bipartisan Consumer Review Fairness Act was passed by unanimous consent in the US Senate, a Senate Commerce Committee announcement said. The bill, introduced in 2014, was already approved by the House of Representatives and now awaits President Obama's signature.

The Consumer Review Fairness Act -- full text available here -- voids any provision in a form contract that prohibits or restricts customers from posting reviews about the goods, services, or conduct of the company providing the product or service. It also voids provisions that impose penalties or fees on customers for posting online reviews as well as those that require customers to give up the intellectual property rights related to such reviews.

China

China's New 'Social Credit Score' Law Means Full Access To Customer Data (insurancejournal.com) 74

AnonymousCube shares this quote about China's new 'Social Credit Score' law from an insurance industry magazine: "Companies are also required to give government investigators complete access to their data if there is suspected wrong-doing, and Internet operators must cooperate in any national security or crime-related investigation."

Note that China has an extremely flexible definition of "national security". Additionally computer equipment will need to undergo mandatory certification, that could involve giving up source code, encryption keys, or even proprietary intellectual data, as Microsoft has been doing for some time.

The article suggests businesses like insurers "will likely see the cost of complying with this new action as a disincentive to conducting business in China."
Chrome

Chrome 55 Now Blocks Flash, Uses HTML5 By Default (bleepingcomputer.com) 89

An anonymous reader quotes Bleeping Computer: Chrome 55, released earlier this week, now blocks all Adobe Flash content by default, according to a plan set in motion by Google engineers earlier this year... While some of the initial implementation details of the "HTML5 By Default" plan changed since then, Flash has been phased out in favor of HTML5 as the primary technology for playing multimedia content in Chrome.

Google's plan is to turn off Flash and use HTML5 for all sites. Where HTML5 isn't supported, Chrome will prompt users and ask them if they want to run Flash to view multimedia content. The user's option would be remembered for subsequent visits, but there's also an option in the browser's settings section, under Settings > Content Settings > Flash > Manage Exceptions, where users can add the websites they want to allow Flash to run by default.

Exceptions will also be made automatically for your more frequently-visited sites -- which, for many users, will include YouTube. And Chrome will continue to ship with Flash -- as well as an option to re-enable Flash on all sites.
AI

Stephen Hawking: Automation and AI Is Going To Decimate Middle Class Jobs (businessinsider.com) 442

An anonymous reader quotes a report from Business Insider: In a column in The Guardian, the world-famous physicist wrote that "the automation of factories has already decimated jobs in traditional manufacturing, and the rise of artificial intelligence is likely to extend this job destruction deep into the middle classes, with only the most caring, creative or supervisory roles remaining." He adds his voice to a growing chorus of experts concerned about the effects that technology will have on workforce in the coming years and decades. The fear is that while artificial intelligence will bring radical increases in efficiency in industry, for ordinary people this will translate into unemployment and uncertainty, as their human jobs are replaced by machines. Automation will, "in turn will accelerate the already widening economic inequality around the world," Hawking wrote. "The internet and the platforms that it makes possible allow very small groups of individuals to make enormous profits while employing very few people. This is inevitable, it is progress, but it is also socially destructive." He frames this economic anxiety as a reason for the rise in right-wing, populist politics in the West: "We are living in a world of widening, not diminishing, financial inequality, in which many people can see not just their standard of living, but their ability to earn a living at all, disappearing. It is no wonder then that they are searching for a new deal, which Trump and Brexit might have appeared to represent." Combined with other issues -- overpopulation, climate change, disease -- we are, Hawking warns ominously, at "the most dangerous moment in the development of humanity." Humanity must come together if we are to overcome these challenges, he says.
Crime

Lawyer Sues 20-Year-Old Student Who Gave a Bad Yelp Review, Loses Badly (arstechnica.com) 81

20-year-old Lan Cai was in a car crash this summer, after she was plowed into by a drunk driver and broke two bones in her lower back. She didn't know how to navigate her car insurance and prove damages, so she reached out for legal help. Things didn't go as one would have liked, initially, as ArsTechnica documents:The help she got, Cai said, was less than satisfactory. Lawyers from the Tuan A. Khuu law firm ignored her contacts, and at one point they came into her bedroom while Cai was sleeping in her underwear. "Seriously, it's super unprofessional!" she wrote on Facebook. (The firm maintains it was invited in by Cai's mother.) She also took to Yelp to warn others about her bad experience. The posts led to a threatening e-mail from Tuan Khuu attorney Keith Nguyen. Nguyen and his associates went ahead and filed that lawsuit, demanding the young woman pay up between $100,000 and $200,000 -- more than 100 times what she had in her bank account. Nguyen said he didn't feel bad at all about suing Cai. Cai didn't remove her review, though. Instead she fought back against the Khuu firm, all thanks to attorney Michael Fleming, who took her case pro bono. Fleming filed a motion arguing that, first and foremost, Cai's social media complaints were true. Second, she couldn't do much to damage the reputation of a firm that already had multiple poor reviews. He argued the lawsuit was a clear SLAPP (strategic Lawsuit Against Public Participation). Ultimately, the judge agreed with Fleming, ordering the Khuu firm to pay $26,831.55 in attorneys' fees.
Operating Systems

Taking a Stand Against Unofficial Ubuntu Images (ubuntu.com) 101

Canonical isn't pleased with cloud providers who are publishing broken, insecure images of Ubuntu despite being notified several times. In a blogpost, Mark Shuttleworth, the founder of Ubuntu, and the Executive Chairman and VP, Product Strategy at Canonical, made the situation public for all to see. An excerpt from the blog post: We are currently in dispute with a European cloud provider which has breached its contract and is publishing insecure, broken images of Ubuntu despite many months of coaxing to do it properly. The home-grown images on the cloud, VPS and bare metal services of this provider disable fundamental security mechanisms and modify the system in ways that are unsupportable. They are likely to behave unpredictably on update in weirdly creative and mysterious ways (the internet is full of fun examples). We hear about these issues all the time, because users assume there is a problem with Ubuntu on that cloud; users expect that 'all things that claim to be Ubuntu are genuine', and they have a right to expect that. We have spent many months of back and forth in which we unsuccessfully tried to establish the same operational framework on this cloud that already exists on tens of clouds around the world. We have on multiple occasions been promised it will be rectified to no avail. We are now ready to take legal steps to remove these images. We will seek to avoid affecting existing running users, but we must act to prevent future users from being misled. We do not make this move lightly, but have come to the view that the value of Ubuntu to its users rests on these commitments to security, quality and updates.
United Kingdom

UK Homes Lose Internet Access After Cyber-Attack (theguardian.com) 33

More than 100,000 people in the UK have had their internet access cut after a string of service providers were hit by what is believed to be a coordinated cyber-attack, taking the number affected in Europe up to about a million. From a report on The Guardian, shared by reader JoshTops: TalkTalk, one of Britain's biggest service providers, the Post Office and the Hull-based KCom were all affected by the malware known as the Mirai worm, which is spread via compromised computers. The Post Office said 100,000 customers had experienced problems since the attack began on Sunday and KCom put its figure at about 10,000 customers since Saturday. Earlier this week, Germany's Deutsche Telekom said up to 900,000 of its customers had lost their internet connection as part of the same incident.
Botnet

International Authorities Take Down Massive 'Avalanche' Botnet, Sinkhole Over 800,000 Domains (arstechnica.com) 53

plover writes: Investigators from the U.S. Department of Justice, the FBI, Eurojust, Europol, and other global partners announced the takedown of a massive botnet named "Avalanche," estimated to have involved as many as 500,000 infected computers worldwide on a daily basis. A Europol release says: "The global effort to take down this network involved the crucial support of prosecutors and investigators from 30 countries. As a result, five individuals were arrested, 37 premises were searched, and 39 servers were seized. Victims of malware infections were identified in over 180 countries. In addition, 221 servers were put offline through abuse notifications sent to the hosting providers. The operation marks the largest-ever use of sinkholing to combat botnet infrastructures and is unprecedented in its scale, with over 800,000 domains seized, sinkholed or blocked." Sean Gallagher writes via Ars Technica: "The domains seized have been 'sinkholed' to terminate the operation of the botnet, which is estimated to have spanned over hundreds of thousands of compromised computers around the world. The Justice Department's Office for the Western Federal District of Pennsylvania and the FBI's Pittsburgh office led the U.S. portion of the takedown. 'The monetary losses associated with malware attacks conducted over the Avalanche network are estimated to be in the hundreds of millions of dollars worldwide, although exact calculations are difficult due to the high number of malware families present on the network,' the FBI and DOJ said in their joint statement. In 2010, an Anti-Phishing Working Group report called out Avalanche as 'the world's most prolific phishing gang,' noting that the Avalanche botnet was responsible for two-thirds of all phishing attacks recorded in the second half of 2009 (84,250 out of 126,697). 'During that time, it targeted more than 40 major financial institutions, online services, and job search providers,' APWG reported. In December of 2009, the network used 959 distinct domains for its phishing campaigns. Avalanche also actively spread the Zeus financial fraud botnet at the time."
The Courts

French Man Sentenced To Two Years In Prison For Visiting Pro-ISIS Websites (theverge.com) 404

According to French media, a court in the department of Ardeche on Tuesday sentenced a 32-year-old man in France to two years in prison for repeatedly visiting pro-ISIS websites -- even though there was no indication he planned to stage a terrorist attack. Police raided his house and found the man's browsing history. They also found pro-ISIS images and execution videos on his phone, personal computer, and a USB stick, an ISIS flag wallpaper on his computer, and a computer password that was "13novembrehaha," referencing the Paris terrorist attacks that left 130 people dead. Slashdot reader future guy shares with us an excerpt from The Verge's report: In court, the man argued that he visited the sites out of curiosity. "I wanted to tell the difference between real Islam and the false Islam, now I understand," he said, according to FranceBleu. But the man reportedly admitted to not reading other news sites or international press, and family members told the court that his behavior had recently changed. He became irritated when discussing religion, they said, and began sporting a long beard with harem pants. A representative from the Ardeche court confirmed to The Verge that there was no indication that the man had any plans to launch an attack. In addition to the two-year prison sentence, he will have to pay a 30,000 euros (roughly $32,000) fine.
Piracy

UK ISPs To Start Sending 'Piracy Alerts' Soon (torrentfreak.com) 69

Beginning next year, internet service providers in the UK will send email notifications to subscribers whose connections have been allegedly used to download copyright infringing content. In what is an attempt to curtail piracy rates, these alerts would try to educate those who pirate about legal alternates. TorrentFreak adds: Mimicking its American counterpart, the copyright alert program will monitor the illegal file-sharing habits of UK citizens with a strong focus on repeat infringers. The piracy alerts program is part of the larger Creative Content UK (CCUK) initiative which already introduced several anti-piracy PR campaigns, targeted at the general public as well as the classroom. The plan to send out email alerts was first announced several years ago when we discussed it in detail, but it took some time to get everything ready. This week, a spokesperson from CCUK's "Get it Right From a Genuine Site" campaign informed us that it will go live in first few months of 2017. It's likely that ISPs and copyright holders needed to fine-tune their systems to get going, but the general purpose of the campaign remains the same.
Mozilla

Mozilla Puts New Money To Use Fighting For 'Internet Health' (cnet.com) 109

Stephen Shankland, writing for CNET: Mozilla is marshaling public support for political positions, like backing net neutrality, defending encryption and keeping government surveillance from getting out of hand, says Denelle Dixon-Thayer, Mozilla's chief legal and business officer. The organization is funding the efforts with revenue from Firefox searches, which has jumped since 2014 when it switched from a global deal with Google to a set of regional deals. Mozilla brought in $421 million in revenue last year largely through partnerships with Yahoo in the US, Yandex in Russia and Baidu in China, according to tax documents released alongside Mozilla's 2015 annual report on Thursday. Pushing policy work brings new challenges well beyond traditional Mozilla work competing against Google's Chrome browser and Microsoft's Internet Explorer. They include squaring off against the incoming administration of Donald Trump.
NASA

ULA Unveils Website That Lets You Price Out a Rocket 'Like Building a Car' (theverge.com) 58

An anonymous reader quotes a report from The Verge: This morning, United Launch Alliance CEO Tory Bruno unveiled a new website that allows satellite makers to figure out what it will really cost to launch a vehicle on one of ULA's rockets. It's like going to "Ford or Chevy and building your car," Bruno said, except in the end you wind up with a more than $100 million rocket that can take cargo to space. And just like checking out on Amazon, the website allows you to save your rocket and submit it to ULA to start the process of finalizing a launch contract. The site, called RocketBuilder.com, looks to be ULA's attempt to further infiltrate the commercial satellite market, after launching mostly government satellites and NASA missions for the past decade. Bruno says the site is meant to provide an "unprecedented level of transparency" to commercial customers about the true cost of launching a satellite with ULA. "The sticker price on the rocket is just the tip of the iceberg," Bruno said at a press conference this morning in Washington, DC. "There is a whole host of other costs." The site is supposed to give potential customers an idea of what those costs might be. Rocket Builder allows you to pick when you want to launch and what orbit you want your satellite to go to. And then, depending on its destination and how big the satellite is, the site will help you calculate the size of your payload fairing -- the nose cone that encases the satellite on the top of the rocket -- as well as how many additional boosters you're going to need for thrust. Customers even have the option of picking customizable "service options," which include adding an onboard video system to the rocket, or conducting "expanded mission rehearsals." There's even the option of purchasing a VIP experience, where you can invite 100 customers or investors to come watch the launch as a marketing tool.
Republicans

Twitters Says It Will Ban Trump If He Breaks Hate-Speech Rules (qz.com) 1042

Twitter has made a serious effort as of late to limit hate speech on its social media site, especially after Election Day where "biased graffiti, assaults and other incidents have been reported in the news." The company now faces President-elect Donald Trump, who has used Twitter for the past 18 months as a megaphone for his views and rants, which many would consider as "hate speech." According to the American Bar Association, hate speech is "speech that offends, threatens, or insults groups, based on race, color, religion, national origin, sexual orientation, or other traits." Quartz reports: While Trump's deceptive tweets may not violate Twitter's rules against harassment, threats and "hateful conduct," Twitter is still keeping an eye on his account for more egregious offenses. This week, the company told Slate it would consider banning key government officials, even the president, if its rules against hate speech or other language were violated. "The Twitter Rules prohibit violent threats, harassment, hateful conduct, and multiple account abuse, and we will take action on accounts violating those policies," a spokesperson wrote. Twitter confirmed with Quartz that everyone, including government officials, were subject to the policy: "The Twitter Rules apply to all accounts," a spokesman wrote. Trump may not have crossed that line yet, but he hasn't exactly refrained from making incendiary claims. Most recently, he claimed that Abdul Razak Ali Artan, who allegedly carried out an attack injuring 11 students at Ohio State University, "should not have been in our country." Artan was a legal permanent U.S. resident, whose family had fled Somalia for Pakistan in 2007. He arrived in the States in 2014.
Firefox

Firefox Zero-Day Can Be Used To Unmask Tor Browser Users (computerworld.com) 55

An anonymous reader quotes a report from Computerworld: A Firefox zero-day being used in the wild to target Tor users is using code that is nearly identical to what the FBI used in 2013 to unmask Tor-users. A Tor browser user notified the Tor mailing list of the newly discovered exploit, posting the exploit code to the mailing list via a Sigaint darknet email address. A short time later, Roger Dingledine, co-founder of the Tor Project Team, confirmed that the Firefox team had been notified, had "found the bug" and were "working on a patch." On Monday, Mozilla released a security update to close off a different critical vulnerability in Firefox. Dan Guido, CEO of TrailofBits, noted on Twitter, that "it's a garden variety use-after-free, not a heap overflow" and it's "not an advanced exploit." He added that the vulnerability is also present on the Mac OS, "but the exploit does not include support for targeting any operating system but Windows." Security researcher Joshua Yabut told Ars Technica that the exploit code is "100% effective for remote code execution on Windows systems." "The shellcode used is almost exactly the shellcode of the 2013 one," tweeted a security researcher going by TheWack0lian. He added, "When I first noticed the old shellcode was so similar, I had to double-check the dates to make sure I wasn't looking at a 3-year-old post." He's referring to the 2013 payload used by the FBI to deanonymize Tor-users visiting a child porn site. The attack allowed the FBI to tag Tor browser users who believed they were anonymous while visiting a "hidden" child porn site on Freedom Hosting; the exploit code forced the browser to send information such as MAC address, hostname and IP address to a third-party server with a public IP address; the feds could use that data to obtain users' identities via their ISPs.
Republicans

Trump Appoints Third Net Neutrality Critic To FCC Advisory Team (dslreports.com) 191

Last week, President-elect Donald Trump appointed two new advisers to his transition team that will oversee his FCC and telecommunications policy agenda. Trump has added a third adviser today who, like the other two advisers, is a staunch opponent of net neutrality regulations. DSLReports adds: The incoming President chose Roslyn Layton, a visiting fellow at the broadband-industry-funded American Enterprise Institute, to help select the new FCC boss and guide the Trump administration on telecom policy. Layton joins Jeffrey Eisenach, a former Verizon consultant and vocal net neutrality critic, and Mark Jamison, a former Sprint lobbyist that has also fought tooth and nail against net neutrality; recently going so far as to argue he doesn't think telecom monopolies exist. Like Eisenach and Jamison, Layton has made a career out of fighting relentlessly against most of the FCC's more consumer-focused efforts, including net neutrality, consumer privacy rules, and increased competition in the residential broadband space. Back in October, Layton posted an article to the AEI blog proclaiming that the FCC's new privacy rules, which give consumers greater control over how their data is collected and sold, were somehow part of a "partisan endgame of corporate favoritism" that weren't necessary and only confused customers. Layton also has made it abundantly clear she supports zero rating, the practice of letting ISPs give their own (or high paying partners') content cap-exemption and therefore a competitive advantage in the market. She has similarly, again like Eisenach and Jamison, supported rolling back the FCC's classification of ISPs as common carriers under Title II, which would kill the existing net neutrality rules and greatly weaken the FCC's ability to protect consumers.
Communications

Reddit To Crack Down On Abuse By Punishing Hundreds of 'Toxic Users' (reuters.com) 226

An anonymous reader quotes a report from Reuters: Social media website Reddit, known for its commitment to free speech, will crack down on online harassment by banning or suspending users who target others, starting with those who have directed abuse at Chief Executive Steve Huffman. Huffman said in an interview with Reuters that Reddit's content policy prohibits harassment, but that it had not been adequately enforced. "Personal message harassment is the most cut and dry," he said. "Right now we are in an interesting position where my inbox is full of them, it's easy to start with me." As well as combing through Huffman's inbox, Reddit will monitor user reports, add greater filtering capacity, and take a more proactive role in policing its platform rather than relying on community moderators. Reddit said it had identified hundreds of the "most toxic users" and will warn, ban or suspend them. It also plans to increase staff on its "trust and safety" team. On Reddit, a channel supporting the U.S. Republican party's presidential candidate Donald Trump, called r/The_Donald, featured racist and misogynistic comments, fake news and conspiracy theories about his Democratic challenger Hillary Clinton, along with more mainstream expressions of support for Trump. Many of those supporting Trump were very active, voting up the r/The_Donald conversations so that they became prominent across Reddit, which is the 7th-most-visited U.S. internet site, according to web data firm Alexa. Last week, Reddit banned Pizzagate, a community devoted to a conspiracy theory, with no evidence to back it up, that links Clinton to a pedophile ring at a Washington, D.C. pizza parlor, after it posted personal information in violation of Reddit policy. Huffman then used his administrative privileges to redirect abuse he was receiving on a thread on r/The_Donald to the community's moderators -- making it look as if it was intended for them. Huffman said it was a prank, and that many Reddit users, including some Trump supporters, told him they thought it was funny, but it inflamed the situation.
Cloud

Seagate Introduces External Hard Drive That Automatically Backs Up To Amazon's Cloud (theverge.com) 106

An anonymous reader quotes a report from The Verge: Seagate and Amazon have partnered up on a $99 1TB external hard drive that automatically backs up everything stored on it to the cloud. The Seagate Duet drive's contents are cloned to Amazon Drive, so you can be pretty confident that your important stuff will be safe. Getting set up with the cloud backup process requires plugging in the drive, signing in with your Amazon account -- and that's pretty much it, from the sounds of it. Drag and drop files over, and you'll be able to access them from the web or Amazon's Drive app on smartphones and tablets. If you're new to the Drive service, Seagate claims you'll get a year of unlimited storage just for buying the hard drive, which normally costs $59.99 annually. Amazon's listing for the Duet (the only way to buy it right now) confirms as much, but there's some fine print: Offer is U.S.-only; Not valid for current Amazon Drive Unlimited Storage paid subscription customers; You've got to redeem the promo code within two months of buying the hard drive if you want the year's worth of unlimited cloud storage; If you return the Duet, Amazon says it will likely reduce your 12 months of unlimited Drive storage down to three, which beats taking it away altogether, I guess.
Privacy

China Pilots a System That Rates Citizens on 'Social Credit Score' To Determine Eligibility For Jobs, Travel (technologyreview.com) 204

Speculations have turned out be true. The Chinese government is now testing systems that will be used to create digital records of citizens' social and financial behavior. In turn, these will be used to create a so-called social credit score, which will determine whether individuals have access to services, from travel and education to loans and insurance cover. Some citizens -- such as lawyers and journalists -- will be more closely monitored. From a report on MIT Technology Review: Planning documents apparently describe the system as being created to "allow the trustworthy to roam everywhere under heaven while making it hard for the discredited to take a single step." The Journal claims that the system will at first log "infractions such as fare cheating, jaywalking and violating family-planning rules" but will be expanded in the future -- potentially even to Internet activity. Some aspects of the system are already in testing, but there are some challenges to implementing such a far-reaching apparatus. It's difficult to centralize all that data, check it for accuracy, and process it, for example -- let alone feed it back into the system to control everyday life. And China has data from 1.4 billion people to handle.
Media

Netflix Finally Gets Download Option (netflix.com) 105

For years, people asked Netflix to give them the ability to download movies and TV episodes. Though this might not seem like that big of a deal in many regions where internet connectivity is cheap and omnipresent, same is not the case everywhere, especially in developing regions. Netflix is finally addressing this need: the on-demand media streaming service said Wednesday that people can now download shows on their Android and iOS devices . From the company's blog post: Just click the download button on the details page for a film or TV series and you can watch it later without an internet connection. Many of your favorite streaming series and movies are already available for download, with more on the way, so there is plenty of content available for those times when you are offline.It's worth pointing out that the offline playback -- or the ability to download videos isn't available on desktop platforms. Also, it appears that a heck lot of shows currently don't have this feature -- as of today.

Slashdot Top Deals