NASA will hold a news conference at 1 p.m. EST Wednesday, Feb. 22, to present new findings on planets that orbit stars other than our sun, known as exoplanets. The event will air live on NASA Television and the agency's website. Details of these findings are embargoed by the journal Nature until 1 p.m.
The Guardian writes:
The high court in New Zealand has ruled Megaupload founder Kim Dotcom can be extradited to the United States to face a multitude of charges including money laundering and copyright breaches. US authorities had appealed for Dotcom's extradition to face 13 charges including allegations of conspiracy to commit racketeering, copyright infringement, money laundering and wire fraud.
The German national, who has permanent residency in New Zealand, faces up to 20 years in jail if convicted in the US of piracy, which authorities say cost copyright owners hundreds of millions of dollars. It is nearly five years since Dotcom, a self-described "internet freedom fighter", was arrested in a dramatic police raid on his mansion near Auckland after the FBI shut down Megaupload's servers.
The ruling is confusing because the charges which allow for extradition are different between NZ and the US. From CNN:
Although the four men are accused by U.S. authorities of profiting from copyright infringement through the file-sharing website, the High Court acknowledged Monday that there's no relevant criminal offense under New Zealand's copyright law.
Instead, the court found that Dotcom and his associates were eligible for extradition under conspiracy to defraud and potentially other serious crimes.
Also at pcworld.
Submitted via IRC for TheMightyBuzzard
Twitter has launched a new way to punish users for bad behavior, temporarily "limiting" their account.
Some users are receiving notices their accounts are limited for 12 hours, meaning only people who follow them can see their tweets or receive notifications. When they are retweeted, people outside their network can't see those retweets.
Some speculate these limitations are automatic based on keywords, but there is no hard evidence.
This would be fine if this was used uniformly to clamp down on harassment, but it appears to be used on people simply for using politically incorrect language.
A federal judge has ordered (PDF) Cox Communications to pay a bruising $8 million in legal fees to BMG Rights Management after the ISP lost a landmark case over Internet piracy.
The legal case began in 2014, when music publishers BMG and Round Hill Music took the long-threatened step of actually suing a major Internet provider for its users' infringement, saying that Cox didn't do enough to stop the piracy. BMG and Round Hill were both clients of Rightscorp, an anti-piracy outfit that produces millions of e-mail notices to consumers alleged to have infringed its clients' copyrights by using BitTorrent software. Rightscorp warns ISPs that if they don't forward the notices to subscribers, they're risking a massive lawsuit.
Turns out, in this case, the threat was real. After a year of litigation, the case went to trial in December 2015. Before the trial, the judge had already ruled that Cox unlawfully blew off key provisions of the Digital Millennium Copyright Act and so wasn't protected by its "safe harbor" against litigation. The jury found against Cox and ordered the cable company to pay $25 million. That result is now on appeal, but in the meantime, US District Judge Liam O'Grady considered various post-trial motions, including one in which BMG requested legal fees.
O'Grady chose to award BMG $8.38 million in attorneys' fees, which is 80 percent of what the company asked for. BMG's motion for "nontaxable expenses" like travel expenses and expert witness fees, which asked for nearly $3 million, was denied. BMG's request for court costs such as transcripts, copies, and filing fees was granted, with the judge finally arriving at $146,790.76 after making various deductions.
A rare alliance of Democratic and Republican members of the US Congress could lead to increased restrictions on how police officers can deploy so-called Stingray cell phone trackers. These devices are regularly used to investigate suspected criminals, but the nature of the system means a lot of innocent Americans are caught up in the dragnet. This bill would force police to get warrants before using Stingrays.
The legislation was introduced Wednesday, and is called the Geolocation Privacy and Surveillance (GPS) Act. Congress does love its clever acronyms. The bill was sponsored by unlikely allies Sen. Ron Wyden (D-Oregon), Rep. Jason Chaffetz (R-Utah), and Rep. John Conyers (D-Mich). That means essentially the same bill exists in the House and Senate, which both need to pass the legislation before it can become a law.
[...] Police have long maintained that the use of Stingrays does not constitute a "search," and as such does not require a warrant. The GPS bill seeks to force warrants before a Stingray could be used. That wouldn't stop Stingrays from being used in the US, of course. However, it would vastly reduce the frequency.
[...] If the bill is passed by Congress, it's up to President Trump to sign it. If law enforcement groups oppose it, he may decline to do so.
The Event Horizon Telescope (EHT) is finally ready to take a picture of Sagittarius A*. From April 5th to 14th this year, the virtual telescope that's been in the making for the past two decades will peer into the supermassive black hole in the center of our galaxy. EHT is actually an array of radio telescopes located in different countries around the globe, including the Atacama Large Millimeter/submillimeter Array in Chile.
By using a technique called very-long-baseline interferometry, the EHT team turns all the participating observatories into one humongous telescope that encompasses the whole planet. We need a telescope that big and powerful, because Sagittarius A* is but a tiny pinprick in the sky for us. While scientists believe it has a mass of around four million suns, it also only measures around 20 million km or so across and is located 26,000 light-years away from our planet. The EHT team says it's like looking at a grapefruit or a DVD on the moon from Earth.
To prepare the participating observatories, the team equipped them with atomic clocks for the most precise time stamps and hard-drive modules with enormous storage capacities. Since the scientists are expecting to gather a colossal amount of data, they deployed enough modules to match the capacity of 10,000 laptops. Those hard drives will be flown out to the MIT Haystack Observatory, where imaging algorithms will make sense of EHT's data, once the observation period is done.
Megaupload's business model isn't too far off from what cloud hosting providers such as Google Drive, Box, Spideroak, Dropbox, and the others still do today. Yet they are the only ones singled out for legal attacks over their business model.
Five years ago the US Government launched a criminal case against Megaupload and several of its former employees. One of the main allegations in the indictment is that the site only deleted links to copyright-infringing material, not the actual files. Interestingly, this isn't too far off from what cloud hosting providers such as Google Drive and Dropbox still do today.
[...] One of the main arguments in the indictment is that Megaupload would only disable a URL when it received a takedown notice, not the underlying file. As a result of the deduplication technology it employed, this meant that the file could still be accessed under different URLs.
[...] The apparent 'failure' to block infringing content from being uploaded by other users isn't illegal by definition. In fact, neither Google Drive nor Dropbox does this today. So how is the Megaupload situation different?
The main difference appears to be that Megaupload only removed the links that were reported as infringing, while Dropbox and Drive also prevent others from publicly sharing links to the same file. All three services keep or kept the original files on their servers though.
The Zcoin project announced yesterday that a typo in the Zerocoin source code allowed an attacker to steal 370,000 Zerocoin, which is about $592,000 at today's price. Zerocoin, also known as Zcoin or XZC, is a cryptocurrency protocol built on top of Bitcoin that implements Zero-Knowledge proofs to guarantee complete financial privacy and anonymity. Zerocoin is the precursor of Zcash and Monero, two similar cryptocurrencies that provide extra anonymity for their users, much more than the standard Bitcoin currency can provide.
According to the Zcoin team, one extra character left inside Zerocoin's source code caused a bug that an unknown attacker discovered and used to his advantage in the last few weeks. "The bug from the typo error allowed the attacker to reuse his existing valid proofs to generate additional Zerocoin spend transactions," the Zcoin team said yesterday. This allowed the crook to initiate one transaction but receive the money multiple times over.
According to the Zcoin team, the attacker (or attackers) was very sophisticated and took great care to hide his tracks. They say the attacker created numerous accounts at Zerocoin exchanges and spread transactions across several weeks so that traders wouldn't notice the uneven transaction volume. Nonetheless, as transactions piled up, the Zcoin team saw that the two sides of their blockchain weren't adding up.
The Zcoin team says they worked with various exchanges to attempt to identify the attacker but to no avail. Out of the 370,000 Zerocoin he stole, the attacker has already sold 350,000. The Zcoin team estimates the attacker made a net profit of 410 Bitcoin ($437,000).
For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement. The bug in question affects the Windows GDI (Graphics Device Interface) (gdi32.dll), which is a library that enables applications to use graphics and formatted text on both the video display and a local printer.
According to a bug report filed by Google's Project Zero team, the bug was initially part of a larger collection of issues discovered in March 2016, and fixed in June 2016, via Microsoft's security bulletin MS16-074. Mateusz Jurczyk, the Google engineer who found the first bugs, says the MS16-074 patches were insufficient, and some of the issues he reported continued to remain vulnerable. Following subsequent tests, the researcher resubmitted his bug report in November, which Microsoft failed to patch in the 90-day interval Google allows vendors to fix bugs before going public with its reports.
This is the second time Google has taken this step against Microsoft after in November 2016 it disclosed details about a zero-day exploited by a cyber-espionage group known as APT28 (Strontium) a few days before Microsoft's November Patch Tuesday. Back then, Google said it took this step to allow users to protect themselves until Microsoft published a patch. Microsoft's Terry Myerson, Executive Vice President, Windows and Devices Group, didn't see it the same way, describing Google's actions as "disappointing" because it put customers at greater risk of exploitation.
Charles Henderson sold his car several years ago, but he still knows exactly where it is, and can control it from his phone.
[...] Manufacturers create apps to control smart cars — you can use your phone to unlock the car, honk the horn and find out the exact location of your vehicle. Henderson removed his personal information from services in the car before selling it back to the dealership, but he was still able to control the car through a mobile app for years.
That's because only the dealership that originally sold the car can see who has access and manually remove someone from the app. A full factory reset of the vehicle doesn't revoke mobile access, Henderson said. In order to revoke app access, you should go to a factory-authorized car dealership.
On smartphones, a factory reset wipes all the local data off the device so you can sell it to someone else. So-called internet of things devices store information in servers far away from the actual hardware. This means executing a factory reset on your car only resets the car — the data still exists in the cloud for other people to access.
The Washington Post reports that the "lower 48" states of the USA are enjoying spring-like weather. It quotes a meteorologist as saying 1495 record high temperatures have been reached during the month of February (as against 10 record lows); among them:
[Ed Note: it is actually Mangum, OK, not Magnum. The original WaPo article is incorrect.]
Mary Jo White, the former top government securities law enforcer, is returning to Debevoise & Plimpton, the New York-based law firm where she previously headed its litigation department.
Ms. White, who announced plans in November to leave the Securities and Exchange Commission as its chairwoman, will serve as senior chairwoman of the law firm, focusing on counseling boards and representing clients on significant and delicate legal matters, including companies facing crises involving multifaceted government investigations and cases.
[...] During her years at the commission's helm, she ran into criticism that the commission was not doing enough to punish companies and executives whose actions had battered the economy and created the 2008 financial crisis.
Reuters reports that General Motors will test thousands of self-driving electric cars in partnership with Lyft in 2018:
General Motors Co plans to deploy thousands of self-driving electric cars in test fleets in partnership with ride-sharing affiliate Lyft Inc, beginning in 2018, two sources familiar with the automaker's plans said this week. It is expected to be the largest such test of fully autonomous vehicles by any major automaker before 2020, when several companies have said they plan to begin building and deploying such vehicles in higher volumes. Alphabet Inc's Waymo subsidiary, in comparison, is currently testing about 60 self-driving prototypes in four states.
Most of the specially equipped versions of the Chevrolet Bolt electric vehicle will be used by San Francisco-based Lyft, which will test them in its ride-sharing fleet in several states, one of the sources said. GM has no immediate plans to sell the Bolt AV to individual customers, according to the source. The sources spoke only on condition of anonymity because GM has not announced its plans yet.
On Wednesday, a video surfaced of a Nintendo Switch in use, which gave us a good look at the device's software and how its menus work. Nintendo claims that the device in question had been stolen from a distributor.
The maker of the video had claimed that the Switch was a preorder that had shipped early, but walked those statements back. In a statement made to IGN, Nintendo said that the device and others had been stolen by the employee of a US distributor, and the one in the video had been resold.
Earlier this week, individuals claimed to prematurely purchase a small number of Nintendo Switch systems from an unspecified retailer. Nintendo has determined these units were stolen in an isolated incident by employees of a U.S. distributor, with one system being illegally resold. The individuals involved have been identified, terminated from their place of employment and are under investigation by local law enforcement authorities on criminal charges.
China said on Saturday that it was suspending all imports of coal from North Korea as part of its effort to enact United Nations Security Council sanctions aimed at stopping the country's nuclear weapons and ballistic-missile program.
The ban takes effect on Sunday and will last until the end of the year, the Chinese Commerce Ministry said in a brief statement posted on its website on Saturday. Chinese trade and aid have long been a vital economic crutch for North Korea, and the decision strips North Korea of one of its most important sources of foreign currency.
Coal has accounted for 34 percent to 40 percent of North Korean exports in the past several years, and almost all of it was shipped to China, according to South Korean government estimates.
The ban comes six days after the North Korean test of a ballistic missile that the Security Council condemned as a violation of its resolutions that prohibited the country from developing and testing ballistic missile technology.