Censorship

EFF Report Finds 74% Of Censorship News Stories Are About Facebook (onlinecensorship.org) 75

An anonymous reader writes: OnlineCensorship.org just released a new report "to provide an objective, data-driven voice in the conversation around commercial content moderation." They're collecting media reports about censorship on Facebook, Twitter, Instagram, YouTube, Flickr and Google+, and have now analyzed 294 reports of content takedowns -- 74% of which pertained to Facebook. (Followed by Instagram with 16% and Twitter with 7%.) 47% of all the takedowns were nudity-related, while the next two most frequent reasons given were "real name" violations and "inappropriate content".

Noting "a more visible public debate" over content moderation, the report acknowledges that 4.7 billion Facebook posts are made every day. (It also reports the "consistent refrain" from services apologizing for issues -- that "our team processes millions of reports each week...") But the most bizarre incident they've identified was the tech blogger in India who was locked out of his Facebook account in October because he shared a photo of a cat in a business suit. "It might sound stupid but this just happened to me," he told Mashable India, which reports Facebook later apologized and said it had made a mistake.

Their report -- part of the EFF's collaboration with Visualizing Impact -- urges platforms to clarify their guidelines (as well as applicable laws), to explain the mechanisms being used to evaluate content and appeals, and to share those criteria when notifying users of take-downs. For example, in August Facebook inexplicably removed a 16th-century sketch by Erasmus of Rotterdam detailing a right hand.
Electronic Frontier Foundation

Humble Bundle Supports The EFF With A LEGO eBook Sale (humblebundle.com) 17

The EFF is describing it as "a break for your brain." An anonymous reader writes: Humble Bundle has announced a special "pay what you want" sale for four ebooks about LEGO from No Starch Press, with proceeds going to the Electronic Frontier Foundation, or to the charity of your choice. The ebooks include Beautiful LEGO (a compendium of creations by dozens of artists) and Medieval LEGO, which describes and recreates English history in the Middle Ages using LEGO blocks. Contributors who pay more than $8 also receive six more books, including "Forbidden LEGO," a more free-style building guide that one reviewer called "The Anarchist Cookbook of the nursery," as well as "The Cult of LEGO", a tour of the block-building community. And for a $15 donation, contributors receive six more ebooks -- bringing the total to 16 -- including The LEGO Christmas Ornaments Book and Steampunk LEGO.
Government

President Obama Gives Up On The Trans-Pacific Partnership (theguardian.com) 355

An anonymous reader quotes The Guardian: White House officials conceded on Friday that the president's hard-fought-for Trans-Pacific Partnership trade deal would not pass Congress, as lawmakers there prepared for the anti-global trade policies of President-elect Donald Trump. Earlier this week, congressional leaders in both parties said they would not bring the trade deal forward during a lame-duck session of Congress, before the formal transition of power on January 20.
One Canadian law professor had argued the case against the TPP included its unbalanced intellectual property rules and risks to privacy, while the EFF believed it locked in the worst parts of U.S. copyright law and also exported them to other countries.
Electronic Frontier Foundation

Aaron Swartz Remembered With Annual Hackathon In San Francisco (eff.org) 18

"This weekend you have the chance to add to Aaron Swartz's legacy by boosting tools for whistleblowers," the EFF writes. An anonymous reader quotes their report. The 2016 Aaron Swartz International Hackathon -- held in honor of the late Internet and political activist -- will take place during the day Saturday and Sunday at the Internet Archive in San Francisco. The hackathon will focus on whistleblower submission system SecureDrop, which was created by Swartz and Kevin Poulsen to connect media organizations and anonymous sources and is managed by the Freedom of the Press Foundation. This weekend's events -- timed to what would have been his 30th birthday on Nov. 8 -- will also feature a series of speakers on Saturday night, including SecureDrop's Conor Schaefer, Fight for the Future Co-founder Tiffiniy Cheng, and EFF Executive Director Cindy Cohn, as well as a special statement from Chelsea Manning.
Government

EFF Suggests Halloween Costume To Protest Facial Recognition Databases (eff.org) 65

An anonymous reader writes: EFF's list of costume ideas for digital rights activists include a Stingray costume, dressing up like a Privacy Badger (or a patent troll), and using facepaint to simulate the eerie digitization algorithms that are currently capturing images of your face for government databases. "Just this week we learned that facial recognition is far more prevalent among local and federal law enforcement than we thought, with at least 26 states using this biometric technology... To draw attention to this emerging threat to privacy, you can use your face painting skills to recreate the digitization algorithms on your own mug based on public records we and others have obtained from law enforcement agencies."
Sixteen states already grant the FBI access to their DMV databases, reports EFF, noting that it's "almost completely unregulated," with one study reporting that 50% of American faces are already in a government database.
Cellphones

Feds Walk Into a Building, Demand Everyone's Fingerprints To Open Phones (dailyherald.com) 432

An anonymous Slashdot reader quotes the Daily Herald: Investigators in Lancaster, California, were granted a search warrant last May with a scope that allowed them to force anyone inside the premises at the time of search to open up their phones via fingerprint recognition, Forbes reported Sunday. The government argued that this did not violate the citizens' Fifth Amendment protection against self incrimination because no actual passcode was handed over to authorities...

"I was frankly a bit shocked," said Andrew Crocker, a staff attorney at the Electronic Frontier Foundation, when he learned about the scope of search warrant. "As far as I know, this warrant application was unprecedented"... He also described requiring phones to be unlocked via fingerprint, which does not technically count as handing over a self-incriminating password, as a "clever end-run" around constitutional rights.

Encryption

Firefox Users Reach HTTPS Encryption Milestone (techcrunch.com) 63

For the first time ever, secure HTTPS encryption was used for over half the pageloads served to Mozilla users, representing a big milestone for encryption. TechCrunch reports on the telemetry data tweeted by the Head of Let's Encrypt: Mozilla, which is one of the organizations backing Let's Encrypt, was reporting that 40% of page views were encrypted as of December 2015. So it's an impressively speedy rise...

The Let's Encrypt initiative, which exited beta back in April, is doing some of that work by providing sites with free digital certificates to help accelerate the switch to HTTPS. According to [co-founder Josh] Aas, Let's Encrypt added more than a million new active certificates in the past week -- which is also a significant step up. In the initiative's first six months (when still in beta) it only issued around 1.7 million certificates in all.

The "50% HTTPS" figure is just a one-day snapshot, and it's from "only a subset of Firefox users who are running Mozilla's telemetry browser...not default switched on for most Firefox users (only for users of pre-release Firefox builds)." But the biggest caveat is it's only counting Firefox users, which in July represented just 7.7% of web surfers (according to Statista), behind both Chrome (49.5%) and Safari (13.68%) -- but also ahead of Internet Explorer (5.4%) and Opera (5.99%).
Electronic Frontier Foundation

EFF Co-Founder Announces Benefit Concert to Pay His Medical Bills (twitter.com) 195

An anonymous Slashdot reader reports: "I was dead for about 8 mins. on Wed. eve," EFF co-founder John Perry Barlow posted last year on Facebook. "total cardiac arrest...sad to report, no Ascending Light." The cyber-rights activist told the San Francisco Chronicle that he had gone "down the tunnel of eternity and it turned out to be a cheap carnival ride." He paused for a moment. "Probably not cheap, though."

Yesterday Barlow posted a Twitter update announcing a big benefit concert in Mill Valley, California to help pay his mounting medical bills on Monday, October 24th. Performers will include Bob Weir (also of The Grateful Dead), Jerry Harrison (of The Talking Heads), Lukas Nelson, Members of The String Cheese Incident, Sean Lennon and Les Claypool, plus 85-year-old folk singer Ramblin' Jack Elliott, as well as "special guests."

Barlow's family describes the last 18 months as a "medical incarceration" with "a dizzying array of medical events and complications" that has depleted his savings and insurance benefits. They've also set up a site for donations from "his fellow innovators, artists, cowboys, and partners-in-crime, to help us provide the quality of care necessary for Barlow's recovery."
Yahoo!

As Contradictions Mount, Experts Call For Declassification of Yahoo's Email-Scanning Order (onthewire.io) 50

An anonymous Slashdot reader writes: Look at this contradiction in the government's story about their secret scans on hundreds of millions of Yahoo emails. "Intelligence officials told Reuters that all Yahoo had to do was modify existing systems for stopping child pornography from being sent through its email or filtering spam messages." But three former Yahoo employees have now said that actually the court-ordered search "was done by a module attached to the Linux kernel -- in other words, it was deeply buried near the core of the email server operating system, far below where mail sorting was handled... They said that made it hard to detect and also made it hard to figure out what the program was doing."
Slashdot reader Trailrunner7 writes: Now, experts at the EFF and Sen. Ron Wyden say that the order served on Yahoo should be made public according to the text of a law passed last year. The USA Freedom Act is meant to declassify certain kinds of government orders, and the EFF says the Yahoo order fits neatly into the terms of the law. "If the reports about the Yahoo order are accurate -- including requiring the company to custom build new software to accomplish the scanning -- it's hard to imagine a better candidate for declassification and disclosure under Section 402," Aaron Mackey of the EFF said.
Government

Senator Questions The Declassification Policies of America's National Intelligence Office (senate.gov) 28

America spent $16 billion on classifying documents last year, and Senator Wyden argues the process is now "too unwieldy to be truly secure... over-classification prevents effective information sharing between agencies." An anonymous Slashdot reader quotes the Senator's new announcement: The Reducing Over-Classification Act of 2010 allows government agencies to pay cash awards to employees who accurately classify government documents consistently and avoid unnecessary over-classification of information that is not a threat to national security. In response to a Freedom of Information Act request by the EFF, the Office of the Director of National Intelligence said it could not locate any records about the criteria for awarding those incentives.

"Congress included this provision...to reverse the culture of unnecessary classification, reduce the volume of classified documents, and better protect the secrets whose disclosure would truly threaten national security," Wyden wrote [in a new letter to National Intelligence]. "I am concerned that federal agencies with the power to classify and declassify documents may not be taking advantage of these payment awards, and I believe doing so could benefit our national security."

HP

HP To Issue 'Optional Firmware Update' Allowing 3rd-Party Ink (arstechnica.com) 81

Soon after the Electronic Frontier Foundation (EFF) issued a letter to HP, calling for them to apologize to customers for releasing firmware that prevents the use of non-HP ink cartridges and refilled HP cartridges, the company has responded with a temporary solution. HP "will issue an optional firmware update that will remove the dynamic security feature" for certain OfficeJet printers. Ars Technica reports: HP made its announcement in a blog post titled "Dedicated to the best printing experience." "We updated a cartridge authentication procedure in select models of HP office inkjet printers to ensure the best consumer experience and protect them from counterfeit and third-party ink cartridges that do not contain an original HP security chip and that infringe on our IP," the company said. The recent firmware update for HP OfficeJet Pro, and OfficeJet Pro X printers "included a dynamic security feature that prevented some untested third-party cartridges that use cloned security chips from working, even if they had previously functioned," HP said. For customers who don't wish to be protected from the ability to buy less expensive ink cartridges, HP said it "will issue an optional firmware update that will remove the dynamic security feature. We expect the update to be ready within two weeks and will provide details here." This customer-friendly move may just be a one-time thing. HP said it will continue to use security features that "protect our IP including authentication methods that may prevent some third-party supplies from working." Without the optional firmware update, printers will only be able to use third-party ink cartridges that have an "original HP security chip," the company said.
Electronic Frontier Foundation

EFF Calls On HP To Disable Printer Ink Self-Destruct Sequence (arstechnica.com) 250

HP should apologize to customers and restore the ability of printers to use third-party ink cartridges, the Electronic Frontier Foundation (EFF) said in a letter to the company's CEO yesterday. From an ArsTechnica report: HP has been sabotaging OfficeJet Pro printers with firmware that prevents use of non-HP ink cartridges and even HP cartridges that have been refilled, forcing customers to buy more expensive ink directly from HP. The self-destruct mechanism informs customers that their ink cartridges are "damaged" and must be replaced. "The software update that prevented the use of third-party ink was reportedly distributed in March, but this anti-feature itself wasn't activated until September," EFF Special Advisor Cory Doctorow wrote in a letter to HP Inc. CEO Dion Weisler. "That means that HP knew, for at least six months, that some of its customers were buying your products because they believed they were compatible with any manufacturer's ink, while you had already planted a countdown timer in their property that would take this feature away. Your customers will have replaced their existing printers, or made purchasing recommendations to friends who trusted them on this basis. They are now left with a less useful printer -- and possibly a stockpile of useless third-party ink cartridges."
Crime

Cops Are Raiding Homes of Innocent People Based Only On IP Addresses (fusion.net) 241

Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am in the morning, because their IP address had been associated with the publication of child porn on notorious 4chan porn. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, a software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other. Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore. "I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces." Technologist Seth Schoen, and EFF Executive Director Cindy Cohn in a white paper aimed at courts and cops. "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."
The Courts

'Unpatent' Begins Crowdfunding Challenges To Bad Patents (unpatent.co) 115

"Unpatent is a crowdfunding platform that eliminates bad patents," reads their web site. "We do that by crowdsourcing the prior art -- that is all the evidence that makes clear that a patent was not novel -- and filing reexamination requests to the patent office." An anonymous Slashdot reader reports: "Everyone in the world can back the crowdfunding campaign against the patent," explains their site, which includes a special section with "Featured stupid patents". The first $16,000 raised covers the lawyers and fees at the U.S. Patent and Trademark Office, and "The rest is distributed to those who find valid prior art...any evidence that a patent is not novel. We review all the prior art pieces and reward those that may invalidate a claim... Then, we file an ex partes reexamination to the USPTO."

Their team includes Lee Cheng, the legal officer at Newegg, "worldwide renowned as the patent trolls' nightmare," as well as Luis Cuende, who created his own Linux distro when he was 15 and is now CTO of Stampery, a company using the Bitcoin blockchain to notarize data.

They're currently targeting the infamous US8738435 covering "personalized content relating to offered products and services," which in February the EFF featured as their "stupid patent of the month." Its page on Unpatent.co argues that "Taking something so obvious such as personalizing content and offers...and writing the word online everywhere shouldn't grant you a monopoly over it." Unpatent's slogan? "We invalidate patents that shouldn't exist."
Government

Senator Urges Colleagues to Prevent Expansion of Government Hacking (onthewire.io) 41

Thursday Sen. Ron Wyden urged the Senate to block a pending change to federal Rule 41, which starting in December will allow judges to authorize remote access to an unlimited number of computers. An anonymous Slashdot reader quotes On The Wire's update on the "Stopping Mass Hacking" Act: In May, Wyden introduced a one-sentence bill that would prevent the change. The Senate has taken no action on the bill thus far and Wyden on Thursday warned that continued inaction on the issue would be dangerous. "If the Senate does nothing, if the Senate fails to act, what's ahead for Americans is a massive expansion of government hacking and surveillance powers..."

Wyden asked the Senate to pass his bill by unanimous consent, but Sen. John Cornyn (R-Texas) objected, saying that the change to Rule 41 was a simple one that would help law enforcement agencies know which venue is the correct one to ask for a warrant... Cornyn cited recent reports about hacks of the election systems in some states, possibly by foreign governments, as evidence of the need for the change. "This isn't a time to retreat and allow cyberspace to be run amok by cybercriminals. This is a very sensible tool of venue."

Google, PayPal, and the Tor Project are all opposing the pending rule change, along with the EFF, which is gathering signatures online for a petition arguing that vaguer warrants "could impact any person using a computer with Internet access anywhere in the world."
Microsoft

Google, Apple, Mozilla, and the EFF Support Microsoft's Fight Against Gag Orders (betanews.com) 55

An anonymous Slashdot reader quotes BetaNews about new legal documents filed Friday: Microsoft is fighting the US Justice Department in an attempt to quash a law that prevents companies informing customers that the government is requesting their data. The technology giant has the backing of other tech companies as well as media outlets. Amazon, Apple, Google, Fox News, Electronic Frontier Foundation and Mozilla are among those offering their support to Microsoft. The lawsuit says that blocking companies from keeping their customers informed is unconstitutional, and it comes at a time when tech companies in particular are keen to be as open and transparent as possible about government requests for data....

As EFF Senior Staff Attorney Lee Tien puts it: "Whether the government has a warrant to rifle through our mail, safety deposit boxes, or emails stored in the cloud, it must notify people about the searches. When electronic searches are done in secret, we lose our right to challenge the legality of law enforcement invasions of privacy. The Fourth Amendment doesn't allow that, and it's time for the government to step up and respect the Constitution."

Mozilla argues transparency "is critical to our vision of an open, trusted, secure web that places users in control of their experience online," in a blog post announcing that they'd joined a brief filed by Apple, Twilio, and Lithium Technologies.

And a statement from an EFF staff attorney argues that notifying the targets of searches "provides a free society with a crucial means of government accountability."
Security

How Security Experts Are Protecting Their Own Data (siliconvalley.com) 217

Today the San Jose Mercury News asked several prominent security experts which security products they were actually using for their own data. An anonymous Slashdot reader writes: The EFF's chief technologist revealed that he doesn't run an anti-virus program, partly because he's using Linux, and partly because he feels anti-virus software creates a false sense of security. ("I don't like to get complacent and rely on it in any way...") He does regularly encrypt his e-mail, "but he doesn't recommend that average users scramble their email, because he thinks the encryption software is just too difficult to use."

The newspaper also interviewed security expert Eugene Spafford, who rarely updates the operating system on one of his computers -- because it's not connected to the internet -- and sometimes even accesses his files with a virtual machine, which he then deletes when he's done. His home router is equipped with a firewall device, and "he's developed some tools in his research center that he uses to try to detect security problems," according to the article. "There are some additional things I do," Spafford added, telling the reporter that "I'm not going to give details of all of them, because that doesn't help me."

Bruce Schneier had a similar answer. When the reporter asked how he protected his data, Schneier wouldn't tell them, adding "I'm kind of a target..."
Electronic Frontier Foundation

US Customs and Border Protection Wants To Know Who You Are On Twitter (eff.org) 348

An anonymous reader quotes a report from Electronic Frontier Foundation: U.S. border control agents want to gather Facebook and Twitter identities from visitors from around the world. But this flawed plan would violate travelers' privacy, and would have a wide-ranging impact on freedom of expression -- all while doing little or nothing to protect Americans from terrorism. A proposal has been issued by U.S. Customs and Border Protection to collect social media handles from visitors to the United States from visa waiver countries. The Electronic Frontier Foundation opposes the proposal and has commented on it individually and as part of a larger coalition. "CBP specifically seeks 'information associated with your online presence -- Provider/Platform -- Social media identifier' in order to provide DHS 'greater clarity and visibility to possible nefarious activity and connections' for 'vetting purposes,'" reports EFF. "In our comments, we argue that would-be terrorists are unlikely to disclose social media identifiers that reveal publicly available posts expressing support for terrorism." They say this plan "would unfairly violate the privacy of innocent travelers," would cause "innocent travelers" to "engage in self-censorship, cutting back on their online activity out of fear of being wrongly judged by the U.S. government," and would lead to a "slippery slope, where CBP would require U.S. citizens and residents returning home to disclose their social media handles, or subject both foreign visitors and U.S. persons to invasive device searches at ports of entry with the intent of easily accessing any and all cloud data."
Electronic Frontier Foundation

EFF Accuses T-Mobile of Violating Net Neutrality With Throttled Video (arstechnica.com) 57

An anonymous reader writes: T-Mobile's new "unlimited" data plan that throttles video has upset the Electronic Frontier Foundation (EFF), which accuses the company of violating net neutrality principles. The new $70-per-month unlimited data plan "limits video to about 480p resolution and requires customers to pay an extra $25 per month for high-definition video," reports Ars Technica. "Going forward, this will be the only plan offered to new T-Mobile customers, though existing subscribers can keep their current prices and data allotments." EFF Senior Staff Technologist Jeremy Gillula told the Daily Dot, "From what we've read thus far it seems like T-Mobile's new plan to charge its customers extra to not throttle video runs directly afoul of the principle of net neutrality." The FCC's net neutrality rules ban throttling, though Ars notes "there's a difference between violating 'the principle of net neutrality' and violating the FCC's specific rules, which have exceptions to the throttling ban and allow for case-by-case judgements." "Because our no-throttling rule addresses instances in which a broadband provider targets particular content, applications, services, or non-harmful devices, it does not address a practice of slowing down an end user's connection to the internet based on a choice made by the end user," says the FCC's Open Internet Order (PDF). "For instance, a broadband provider may offer a data plan in which a subscriber receives a set amount of data at one speed tier and any remaining data at a lower tier." The EFF is still determining whether or not to file a complaint with the Federal Communications Commission.
DRM

Cory Doctorow On What iPhone's Missing Headphone Jack Means For Music Industry (fastcompany.com) 394

Rumors of Apple's next iPhone missing a headphone jack have been swirling around for more than a year now. But a report from WSJ a few weeks ago, and another report from Bloomberg this week further cemented such a possibility. We've talked about it here -- several times -- but now Cory Doctorow is shedding light on what this imminent change holds for the music industry. Reader harrymcc writes: Fast Company's Mark Sullivan talked about the switch with author and EFF adviser Cory Doctorow, who thinks it could lead to music companies leveraging DRM to exert more control over what consumers can do with their music. From the article: "If Apple creates a circumstance where the only way to get audio off its products is through an interface that is DRM-capable, they'd be heartbreakingly naive in assuming that this wouldn't give rise to demands for DRM," said Doctorow. If a consumer or some third-party tech company used the music in a way the rights holders didn't like, the rights holders could invoke the anti-circumvention law written in Section 1201 of the Digital Millennium Copyright Act (DMCA). Steve Jobs famously convinced the record industry to remove the DRM from music on iTunes; is there really any reason to believe the industry might suddenly become interested in DRM again if the iPhone audio goes all digital? "Yes -- for streaming audio services," Doctorow says. "I think it is inevitable that rights holder groups will try to prevent recording, retransmission, etc." Today it's easy to record streamed music from the analog headphone jack on the phone, and even to convert the stream back to digital and transmit it in real time to someone else. With a digital stream it might not be nearly so easy, or risk-free." Doctorow shares more on BoingBoing.
