×
Privacy

German Spy Agency Can Keep Tabs On Internet Hubs, Federal Court Rules (phys.org) 54

Earlier this week, a federal court in Germany threw out a challenge by the world's largest internet hub, the De-Cix exchange, against the tapping of its data flows by the BND foreign intelligence service. What this means is that the country's spy agency can continue to monitor major internet hubs if Berlin deems it necessary for strategic security interests. From a report: The operator had argued the agency was breaking the law by capturing German domestic communications along with international data. However, the court in the eastern city of Leipzig ruled that internet hubs "can be required by the federal interior ministry to assist with strategic communications surveillance by the BND." De-Cix says its Frankfurt hub is the world's biggest internet exchange, bundling data flows from as far as China, Russia, the Middle East and Africa, which handles more than six terabytes per second at peak traffic.

De-Cix Management GmbH, which is owned by eco Association, the European internet industry body, had filed suit against the interior ministry, which oversees the BND and its strategic signals intelligence. It said the BND, a partner of the US National Security Agency (NSA), has placed so-called Y-piece prisms into its data-carrying fibre optic cables that give it an unfiltered and complete copy of the data flow. The surveillance sifts through digital communications such as emails using certain search terms, which are then reviewed based on relevance.

Power

Trump Orders a Lifeline For Struggling Coal and Nuclear Plants (nytimes.com) 286

According to The New York Times, President Trump has ordered Energy Secretary Rick Perry to "prepare immediate steps" to stop the closure of unprofitable coal and nuclear plants around the country. From the report: Under one proposal outlined in the memo, which was reported by Bloomberg, the Department of Energy would order grid operators to buy electricity from struggling coal and nuclear plants for two years, using emergency authority that is normally reserved for exceptional crises like natural disasters. That idea triggered immediate blowback from a broad alliance of energy companies, consumer groups and environmentalists. On Friday, oil and gas companies joined with wind and solar organizations in a joint statement condemning the plan, saying that it was "legally indefensible" and would force consumers to pay more for electricity.

The administration has also discussed invoking the Defense Production Act of 1950, which allows the federal government to intervene in private industry in the name of national security. (Harry S. Truman used the law to impose price controls on the steel industry during the Korean War.) If the Trump administration were to invoke these two statutes, the move would almost certainly be challenged in federal court by natural gas and renewable energy companies, which could stand to lose market share.
Such an intervention could cost consumers between $311 million to $11.8 billion pear year, according to a preliminary estimate (PDF) by Robbie Orvis, director of energy policy design at Energy Innovation.
Businesses

Facebook, Amazon, and Hundreds of Companies Post Targeted Job Ads That Screen Out Older Workers (vox.com) 169

Older workers are accusing Facebook, Ikea, and hundreds of other companies for discriminating against job seekers in their 50s and 60s through targeted job ads posted on Facebook. From a report: The Communications Workers of America, a labor union representing 700,000 media workers across the country, added the companies to a class-action lawsuit on Tuesday, which was filed in California federal court in December. In its original complaint, the labor union accused Amazon, T-Mobile, and Cox Media Group of doing the same thing. The case, Bradley v. T-Mobile, has major implications for US employers, who routinely buy job ads on Facebook to reach users. The plaintiffs argue that Amazon, T-Mobile, Ikea, Facebook, and hundreds of other companies target the ads so they are only seen by younger Facebook users.

The lawsuit revolves around Facebook's unique business model, which lets advertisers micro-target the network's users based on their interests, city, age, and other demographic information. In the past, equal rights advocates have sued Facebook for accepting ads that discriminate against consumers based on their religion, race, and gender. Facebook has argued that the company is not legally responsible when other companies buy ads that violate the law.

AT&T

AT&T Wants To Settle With FTC To Avoid Unlimited Data Throttling Lawsuit (arstechnica.com) 35

AT&T has given up its years-long quest to cripple the Federal Trade Commission's authority to regulate broadband providers. "Just weeks ago, AT&T said it intended to appeal its loss in the case to the U.S. Supreme Court before a deadline of May 29," reports Ars Technica. "But today, AT&T informed (PDF) court officials that it has decided not to file a petition to the Supreme Court and did not ask for a deadline extension." From the report: AT&T had been trying to limit the FTC's authority since October 2014, when the FTC sued AT&T for promising unlimited data to wireless customers and then throttling their speeds by as much as 90 percent. With AT&T having ruled out a Supreme Court appeal, the FTC can finally pursue its case against AT&T and try to secure refunds for affected customers. AT&T's decision also means that traditional phone companies will have to face some net neutrality oversight from the FTC after the Federal Communications Commission finalizes its net neutrality repeal. AT&T said it will try to settle the case with the FTC instead of going to trial. AT&T's decision might indicate that it is already having settlement talks with the agency.

"We have decided not to seek review by the Supreme Court, to focus instead on negotiating a fair resolution of the case with the Federal Trade Commission," AT&T said in a statement to Ars. The FTC is barred from regulating common carriers, and AT&T has long been a common carrier for its mobile voice and landline phone services. AT&T previously argued that the FTC can't regulate any product offered by AT&T, whether it is or isn't a common carrier service. Though ultimately unsuccessful, AT&T's attempt to deny the FTC's authority to regulate any aspect of its business has delayed the throttling case for years.

Android

Samsung Won't Be Forced To Update Old Smartphones (bbc.com) 145

Samsung will not be forced to update the software on its mobile phones for years after their release, after it won a court case in the Netherlands. From a report: A consumer association had argued that Samsung should update its phones for at least four years after they go on sale. Regular software updates can address security problems but older models do not typically receive all the latest updates. However, the court rejected the association's claims.

Samsung produces some of the world's best-selling mobile phones running Google's Android operating system. Google regularly produces software updates that address newly discovered security flaws, and offers these to phone manufacturers such as Samsung. It is often up to the phone manufacturer to distribute the update to its customers. Consumer group Consumentenbond said Samsung was not distributing updates in a "timely" manner. Samsung said it guaranteed consumers in the Netherlands would get software updates for two years after a handset first went on sale in the country. The court ruled in Samsung's favour and said the claims made by Consumentenbond were "inadmissible" because they related to "future acts."

Security

Valve Patches Security Bug That Existed in Steam Client for the Past Ten Years (bleepingcomputer.com) 77

Valve developers have recently patched a severe security flaw that affected all versions of the Steam gaming client released in the past ten years. From a report: According to Tom Court, a security researcher with Context Information Security, the one who discovered the flaw, the vulnerability would have allowed an attacker to execute malicious code on any of Steam's 15 million gaming clients. In the jargon of security researchers, this is a remote code execution (RCE) flaw because exploitation was possible via network requests, without needing access to the victim's computer. Court says an attacker was only required to send malformed UDP packets to a target's Steam client, which would have triggered the bug and allowed him to run malicious code on the target's PC.
Government

Kaspersky Suits Tossed, Fed Bans Will Continue (axios.com) 82

A Washington D.C. court has dismissed Kaspersky Lab's lawsuits against the U.S. government over two different rules banning Kaspersky products from federal systems. From a report: Both a federal law passed as part of last years National Defense Authorization Act (NDAA,) and a binding operational directive (BOD) issued by the Department of Homeland Security, prohibit federal agencies from using Kaspersky products. Both portrayed Kaspersky, a Moscow based company, as a national security risk. Kaspersky sued to prevent the two rules from coming into place, claiming the NDAA was a form of unlawful punishment against a specific company known as a bill of attainder. The judge reasoned that "The NDAA does not inflict 'punishment' on Kaspersky Lab. It eliminates a perceived risk to the Nation's cybersecurity and, in so doing, has the secondary effect of foreclosing one small source of revenue for a large multinational corporation." Because the NDAA ruling remains in effect, the judge ruled the BOD case was more or less a moot point. Further reading: Who's Afraid of Kaspersky?, and US Government Can't Get Controversial Kaspersky Lab Software Off Its Networks.
Facebook

More Firms Used Facebook To Block Older Job Seekers, Lawsuit Alleges (chicagotribune.com) 223

A proposed class-action lawsuit alleging Facebook's ad placement tools facilitate discrimination against older job-seekers has been expanded to identify additional companies. "When Facebook's own algorithm disproportionately directs ads to younger workers at the exclusion of older workers, Facebook and the advertisers who are using Facebook as an agent to send their advertisements are engaging in disparate treatment," a communications union alleged in the amended complaint, citing a legal test for employment discrimination, filed Tuesday in San Francisco federal court. The union added claims under California's fair employment and unfair competition statutes to the lawsuit, which was initially filed in December. Chicago Tribune reports: The Communications Workers of America is suing on behalf of union members and other job seekers who allegedly missed out on employment opportunities because companies used Facebook's ad tools to target people of other ages. The original filing named defendants are Amazon.com Inc., Cox Media Group, Cox Communications Inc. and T-Mobile, as well as what the union estimates to be hundreds of employers and employment agencies who used Facebook's tools to filter out older job hunters when seeking to fill positions. The amended filing adds Ikea, Enterprise Rent-A-Car and the University of Maryland Medical System to its list of companies who allegedly used Facebook's tools to filter by age. Those three entities, as well as Facebook, aren't named defendants in the lawsuit.

The union alleged in its amended lawsuit that Facebook also uses age-filtering in ads intended to find its own new employees. In January, the union filed an Equal Employment Opportunity Commission complaint about the alleged practice, according to a copy obtained by Bloomberg News. The CWA says it has filed similar claims against dozens of companies, and that the agency has asked those employers, and Facebook, to respond to the allegations. An EEOC spokeswoman declined to confirm or deny the existence of any complaints.

Encryption

Russia Demands Apple Remove Telegram From Russian App Store (macrumors.com) 113

The Russian government is asking Apple to help it block Telegram by removing it from the country's App Store. Mac Rumors reports: A Russian court in April ordered carriers and internet providers in the country to block Telegram back in April, after Telegram refused to provide Russia with backdoor access to user messages. Despite issuing the block order back in April, Russia has only been able to disrupt Telegram's operations in the country by 15 to 30 percent. Given the government's inability to block the app, Roskomnadzor, the division of the government that controls media and telecommunications, has demanded that Apple remove the Telegram app from the Russian App Store. The group first asked Apple to remove the app in April, but is appealing to Apple again.

"In order to avoid possible action by Roskomnadzor for violations of the functioning of the above-mentioned Apple Inc. service, we ask you to inform us as soon as possible about your company's further actions to resolve the problematic issue," the regulator wrote. Roskomnadzor has given Apple one month to remove the Telegram app from the App Store. Roskomnadzor's director Alexander Zharov said he did not want to "forecast further actions" should Apple not comply with the request following the 30 day period.

Advertising

Lawyers Are Sending Mobile Ads To Patients Sitting In Emergency Rooms 74

An anonymous reader quotes a report from NPR: Patients sitting in emergency rooms, at chiropractors' offices and at pain clinics in the Philadelphia area may start noticing on their phones the kind of messages typically seen along highway billboards and public transit: personal injury law firms looking for business by casting mobile online ads at patients. The potentially creepy part? They're only getting fed the ad because somebody knows they are in an emergency room. The technology behind the ads, known as geofencing, or placing a digital perimeter around a specific location, has been deployed by retailers for years to offer coupons and special offers to customers as they shop. Bringing it into health care spaces, however, is raising alarm among privacy experts.

Law firms and marketing companies from Tennessee to California are also testing out the technology in hospital settings. "Is everybody in an emergency room going to need an attorney? Absolutely not," Kakis says. "But people that are going to need a personal injury attorney are more than likely at some point going to end up in an emergency room." The advertisers identify someone's location by grabbing what is known as "phone ID" from Wi-Fi, cell data or an app using GPS. Once someone crosses the digital fence, Kakis says, the ads can show up for more than a month -- and on multiple devices.
Crime

Canadian Hacker Sentenced To 5 Years For Yahoo Security Breach (seattletimes.com) 21

The computer hacker who worked with Russian spies was sentenced to five years in prison Tuesday for his role in a massive security breach at Yahoo. "U.S. Judge Vince Chhabria also fined Karim Baratov $250,000 during a sentencing hearing in San Francisco," The Associated Press reports. From the report: Baratov, 23, pleaded guilty in November to nine felony hacking charges. He acknowledged in his plea agreement that he began hacking as a teen seven years ago and charged customers $100 per hack to access web-based emails. Prosecutors allege he was "an international hacker for hire" who indiscriminately hacked for clients he did not know or vet, including dozens of jobs paid for by Russia's Federal Security Service. Baratov, who was born in Kazakhstan but lived in Toronto, Canada, where he was arrested last year, charged customers to obtain another person's webmail passwords by tricking them to enter their credentials into a fake password reset page. Prosecutors said Russian security service hired Baratov to target dozens of email accounts using information obtained from the Yahoo hack.

"Deterrence is particularly important in a case like this," the judge said during the hearing. He rejected prosecutors call for a prison sentence of nearly 10 years, noting Baratov's age and clean criminal record prior to his arrest. Baratov has been in custody since his arrest last year. He told the judge Tuesday that his time behind bars has been "a very humbling and eye-opening experience." He apologized to those he hacked and promised "to be a better man" and obey the law upon his release. The judge said it is likely Baratov will be deported once he is released from prison.

Businesses

Intel Faces Age Discrimination Allegations Following Layoffs (engadget.com) 262

Intel is under investigation for potential age discrimination in its approach to layoffs initiated in 2016, according to a report. Engadget: The Wall Street Journal has learned that the US Equal Employment Opportunity Commission is investigating claims that Intel's large-scale layoffs discriminated against older employees. In a May 2016 round that cut 2,300 workers, for instance, the median age of those let go was 49 -- seven years older than those who remained. The EEOC hasn't decided whether or not it will file a class-action lawsuit against Intel, but the affected people will be free to pursue civil lawsuits if the regulator doesn't find enough evidence to pursue its own case. The EEOC isn't allowed to confirm or deny investigations. However, an Intel spokesperson categorically denied that age played a role.
The Courts

PUBG and Epic Games, Makers of Two of the World's Most Popular Video Games, Set To Battle in Court (bloomberg.com) 174

PUBG, an affiliate of South Korean studio Bluehole, is suing the Korean unit of North Carolina-based Epic Games, arguing that its smash hit Fortnite copies many of the characteristics of its own PlayerUnknown's Battlegrounds. The suit, alleging copyright infringement, was filed in South Korea. From a report: PUBG introduced its game last year and it became a huge hit as players embraced the Hunger Games-style concept in which 100 players race to kill each other until there's a sole survivor. But the game's features have been embraced by rivals, prompting earlier legal action. Fortnite has a similar concept of 100 people competing with each other, but differs by letting players build fortifications similar to Minecraft and using more cartoon-like graphics aimed at younger players "This is a measure to protect our copyrights," PUBG said, declining to provide further details. Epic Games didn't immediately respond to requests for comment. The two companies have a complicated relationship. Epic Games provides PUBG with its Unreal Engine technology, which was used to create PlayerUnknown's Battlegrounds. The software is instrumental in building games and is the industry-standard for professional games developers. Both companies are also partly owned by Tencent Holdings, China's internet giant.
The Courts

Ask Slashdot: Can a City Really Sue an Oil Company For Climate Change? (wired.com) 301

An anonymous reader writes: The city of Richmond, California, is suing Chevron, its largest employer and its largest public-safety scourge. But while industrial accidents like refinery fires are commonplace in the low-lying industrial town, that's not what this lawsuit is about. Richmond and six other California cities are suing oil companies for contributing to the changing climate, which threatens to inundate their shorelines. "In an era of federal deregulation and rising seas, these lawsuits feel increasingly urgent," writes deputy editor Adam Rogers. "The question is whether the courts will even see them as plausible."

The lawsuits face two big legal hurdles: getting scientific proof that climate change (and specific companies causing climate change) are to blame for the cities' woes, along with overcoming oil companies' contention that cities can't sue them at all, since at the federal level, they're beholden to the Clean Air Act. But the urban plaintiffs have a plan for that. They are not asking for new regulations or bans; they're asking for reparations for a problem they say oil companies willfully hid from them. "Oil and gas, like cigarettes, are products. The companies that sell them are liable for the damages they cause," says Sharon Eubanks, an attorney at Bordas & Bordas who was lead counsel in the Justice Department's RICO case against the Philip Morris tobacco company. "They have misled the public about the product's dangers."

The Courts

Judge Backs Parents, Saying Their 30-Year-Old Son Must Move Out (npr.org) 419

"Attention geeks living in their parents' basements!" writes PolygamousRanchKid , sharing this story from NPR: The promise of adventure didn't do it. Neither did the lure of independence, or the weight of his 30 years. Instead, it took a judge to pry Michael Rotondo from his parents' home. The couple won an eviction order against their son, after a judge argued with Rotondo for 30 minutes. "I don't see why they can't just, you know, wait a little bit for me to leave the house," Rotondo told Donald Greenwood, a justice on the Onondaga County Supreme Court...

Christina and Mark Rotondo resorted to legal action after a series of notes to their son (starting on Feb. 2) failed to get him to move out of their home in Camillus, New York, a town west of Syracuse. Those notes followed discussions that began last October. The notes to Michael Rotondo ranged from orders to leave and encouragement to get a job, to offers of more than $1,000 and help in finding a place... The notes escalated into a formally worded notice for Rotondo to leave that set a 30-day deadline -- which lapsed on March 15...

In a legal filing cited by CNYCentral, Rotondo said that in the eight years he has lived at his parents' house, he "has never been expected to contribute to household expenses, or assisted with chores and the maintenance of the premises," and that those conditions are simply part of an informal agreement. When he was in his early 20s, Rotondo briefly lived on his own, but he moved back in with his parents after losing a job...

The case is being seen as an extreme example of a growing trend. As NPR reported in 2016, a Pew study found that, "For the first time in more than 130 years, Americans ages 18-34 are more likely to live with their parents than in any other living situation."

The Courts

Tesla Agrees To Settle Class Action Over Autopilot Billed As 'Safer' (reuters.com) 66

An anonymous reader quotes a report from Reuters: Tesla on Thursday reached an agreement to settle a class action lawsuit with buyers of its Model S and Model X cars who alleged that the company's assisted-driving Autopilot system was "essentially unusable and demonstrably dangerous." The lawsuit said Tesla misrepresented on its website that the cars came with capabilities designed to make highway driving "safer." The Tesla owners said they paid an extra $5,000 to have their cars equipped with the Autopilot software with additional safety features such as automated emergency braking and side collision warning. The features were "completely inoperable," according to the complaint. Under the proposed agreement, class members, who paid to get the Autopilot upgrade between 2016 and 2017, will receive between $20 and $280 in compensation. Tesla has agreed to place more than $5 million into a settlement fund, which will also cover attorney fees.
Facebook

Facebook Accused of Conducting Mass Surveillance Through Its Apps (theguardian.com) 93

A court case in California alleges that Facebook used its apps to gather information about users and their friends, including some who had not signed up to the social network, reading their text messages, tracking their locations and accessing photos on their phones. The Guardian reports: The claims of what would amount to mass surveillance are part of a lawsuit brought against the company by the former startup Six4Three, listed in legal documents filed at the superior court in San Mateo as part of a court case that has been ongoing for more than two years. The allegations about surveillance appear in a January filing, the fifth amended complaint made by Six4Three. It alleges that Facebook used a range of methods, some adapted to the different phones that users carried, to collect information it could use for commercial purposes.

"Facebook continued to explore and implement ways to track users' location, to track and read their texts, to access and record their microphones on their phones, to track and monitor their usage of competitive apps on their phones, and to track and monitor their calls," one court document says. But all details about the mass surveillance scheme have been redacted on Facebook's request in Six4Three's most recent filings. Facebook claims these are confidential business matters. It has until next Tuesday to submit a claim to the court for the documents to remain sealed from public view.

The Courts

Samsung Must Pay Apple $539 Million For Infringing iPhone Design Patents, Jury Finds (cnet.com) 143

Samsung must pay Apple $539 million for infringing five patents with Android phones it sold in 2010 and 2011, a jury has found in a legal fight that dates back seven years. "The unanimous decision, in the U.S. District Court in San Jose in the heart of Silicon Valley, is just about halfway between what the two largest mobile phone makers had sought in a high-profile case that reaches back to 2011," reports CNET. From the report: The bulk of the damages payment, $533,316,606, was for infringing three Apple design patents. The remaining $5,325,050 was for infringing two utility patents. Samsung already had been found to infringe the patents, but this trial determined some of the damages. The jury's rationale isn't clear, but the figure is high enough to help cement the importance of design patents in the tech industry. Even though they only describe cosmetic elements of a product, they clearly can have a lot of value.

Samsung showed its displeasure and indicated the fight isn't over. "Today's decision flies in the face of a unanimous Supreme Court ruling in favor of Samsung on the scope of design patent damages. We will consider all options to obtain an outcome that does not hinder creativity and fair competition for all companies and consumers," Samsung said.

Businesses

Internal Documents Show Apple Knew the iPhone 6 Would Bend (vice.com) 130

In 2014, multiple users reported that their iPhone 6 and 6 Plus handsets were bending under pressure, such as when they were kept in a pocket. As a byproduct of this issue, the touchscreen's internal hardware was also susceptible to losing its connection to the phone's logic board. It turns out, Apple was aware that this could happen. Motherboard: Apple's internal tests found that the iPhone 6 and iPhone 6 Plus are significantly more likely to bend than the iPhone 5S, according to information made public in a recent court filing obtained by Motherboard. Publicly, Apple has never said that the phones have a bending problem, and maintains that position, despite these models commonly being plagued with "touch disease," a flaw that causes the touchscreen to work intermittently that the repair community say is a result of bending associated with normal use. The information is contained in internal Apple documents filed under seal in a class-action lawsuit that alleges Apple misled customers about touch disease. The documents remain under seal, but US District Court judge Lucy Koh made some of the information from them public in a recent opinion in the case. The company found that the iPhone 6 is 3.3 times more likely to bend than the iPhone 5s, and the iPhone 6 Plus is 7.2 times more likely to bend than the iPhone 5s, according to the documents. Koh wrote that "one of the major concerns Apple identified prior to launching the iPhones was that they were 'likely to bend more easily when compared to previous generations.'"
Crime

Gamers Involved In Fatal Wichita 'Swatting' Indicted On Federal Charges (kansas.com) 432

bricko shares a report from Kansas: A federal grand jury has indicted the man accused in Wichita's fatal swatting as well as the two gamers involved in the video game dispute that prompted the false emergency call. The 29-page indictment was unsealed Wednesday in U.S. District Court for the District of Kansas. It charges 25-year-old Tyler Barriss, who is facing state court charges including involuntary manslaughter, with false information and hoaxes, cyberstalking, threatening to kill another or damage property by fire, interstate threats, conspiracy and several counts of wire fraud, according to federal court records. One of the gamers -- 18-year-old Casey S. Viner of North College Hill, Ohio -- is charged with several counts of wire fraud, conspiracy, obstruction of justice and conspiracy to obstruct justice. The other gamer -- 19-year-old Shane M. Gaskill of Wichita -- is charged with several counts of obstruction of justice, wire fraud and conspiracy to obstruct justice.
UPDATE (5/26/18): Both Barriss and Viner are now facing life in prison.

Slashdot Top Deals