Shared posts

15 May 17:39

Local root vulnerability in the kernel

by corbet
Commit b0a873ebb, merged for the 2.6.37 kernel, included an out of bounds reference bug that went undetected until Tommi Rantala discovered it with the Trinity fuzzing tool this April. It wasn't seen as a security bug by the kernel developers until an exploit was posted; the problem is now known as CVE-2013-2094. Mainline kernels 2.6.37-3.9 are vulnerable, but Red Hat also backported the bug into the 2.6.32-based kernel found in RHEL6. Expect distributor updates shortly.
15 May 00:13

Microsoft Reads Your Skype Chat Messages

by timothy
An anonymous reader writes "A Microsoft server accesses URLs sent in Skype chat messages, even if they are HTTPS URLs and contain account information. A reader of Heise publications notified Heise Security (link to German website, Google translation). They replicated the observation by sending links via Skype, including one to a private file storage account, and found that these URLs are shortly after accessed from a Microsoft IP address. When confronted, Microsoft claimed that this is part of an effort to detect and filter spam and phishing URLs."

Read more of this story at Slashdot.



15 May 00:01

Psychiatrists Cast Doubt On Biomedical Model of Mental Illness

by samzenpus
jones_supa writes "British Psychological Society's division of clinical psychology (DCP) will on Monday issue a statement declaring that, given the lack of evidence, it is time for a 'paradigm shift' in how the issues of mental health are understood. According to their claim, there is no scientific evidence that psychiatric diagnoses such as schizophrenia and bipolar disorder are valid or useful. The statement effectively casts doubt on psychiatry's predominantly biomedical model of mental distress – the idea that people are suffering from illnesses that are treatable by doctors using drugs. The DCP said its decision to speak out 'reflects fundamental concerns about the development, personal impact and core assumptions of the (diagnosis) systems', used by psychiatry. The provocative statement by the DCP has been timed to come out shortly before the release of DSM-5, the fifth edition of the American Psychiatry Association's Diagnostic and Statistical Manual of Mental Disorders. The manual has been attacked for expanding the range of mental health issues that are classified as disorders."

Read more of this story at Slashdot.



14 May 23:58

The Politics of Homosexuality, 20 Years Later

by Maria Popova

“Silence, if it does not equal death, equals the living equivalent.”

On May 10, 1993, The New Republic published a seminal essay by Andrew Sullivan — the magazine’s then-editor, currently purveyor of some of the internet’s finest political and cultural commentary on The Dish — titled “The Politics of Homosexuality.” Based on a series of talks he had given on college campuses around the United States and later included in his fantastic 1996 book Virtually Normal (public library), the intelligent treatise was in large part spurred by the impending ban on openly gay soldiers serving in the military, which spawned the notorious Don’t Ask Don’t Tell policy, and presages with remarkable lucidity today’s peaking debates about marriage equality.

Those of us who came of age in a culture that would rarely, if ever, entrap us in the pressure chamber of being “in” anything in order to come “out” of it, who have been free to live our lives with dignity and honesty and full ownership of our hearts, owe much of that privilege to Andrew’s tireless, paradigm-shifting advocacy over the past two decades.

He observes the “unnerving confusion of roles and identities”:

Where once there was only the unmentionable, there are now only the unavoidable: gays, “queers”, homosexuals, closet cases, bisexuals, the “out” and the “in”, paraded for every heterosexual to see. As the straight world has been confronted with this, it has found itself reaching for a response: embarrassment, tolerance, fear, violence, oversensitivity, recognition.

Presenting a taxonomy of the politics of homosexuality, Sullivan explores three main archetypes of relating to the issue — the conservatives, the radicals, and the moderates, all of whom engage in various and often conflicting forms of ghettoization and oppression — and offering a remarkably prescient admonition:

This fracturing of discourse is more than a cultural problem; it is a political problem. Without at least some common ground, no effective compromise to the homosexual question will be possible. Matters may be resolved, as they have been in the case of abortion, by a stand-off in the forces of cultural war. But unless we begin to discuss this subject with a degree of restraint and reason, the visceral unpleasantness that exploded earlier this year will dog the question of homosexuality for a long time to come, intensifying the anxieties that politics is supposed to relieve.

[…]

There are as many politics of homosexuality as there are words for it, and not all of them contain reason. And it is harder perhaps in this passionate area than in any other to separate a wish from an argument, a desire from a denial. Nevertheless, without such an effort, no true politics of sexuality can emerge.

He warns against radicalism’s particular brand of toxic paradox:

The trouble with gay radicalism … is the problem with subversive politics as a whole. It tends to subvert itself.

[…]

More important, the notion of sexuality as a cultural subversion distanced it from the vast majority of gay people who not only accept the natural origin of their sexual orientation, but wish to be integrated into society as it is. For most gay people – the closet cases and barflies, the construction workers and investment bankers, the computer programmers and parents — a “queer” identity is precisely what they want to avoid. In this way, the radical politics of homosexuality is caught in a political trap. The more it purifies its own belief about sexuality, the less able it is to engage the broader world as a whole. The more it acts upon its convictions, the less able it is to engage in politics at all.

This, Sullivan argues, is to the detriment of those most in need of an inclusive politics of identity:

“[Q]ueer” radicalism’s doctrine of cultural subversion and separatism has the effect of alienating those very gay Americans most in need of support and help: the young and teenagers. Separatism is even less of an option for gays than for any other minority, since each generation is literally connected umbilically to the majority. The young are permanently in the hands of the other. By erecting a politics on a doctrine of separation and difference from the majority, “queer” politics ironically broke off dialogue with the heterosexual families whose cooperation is needed in every generation if gay children are to be accorded a modicum of dignity and hope.

Despite the discussion of formal politics, in a sentiment that has been recently echoed, twenty years later, Sullivan argues that the most important political act a gay person can take is coming out:

Far more subversive than media-grabbing demonstrations on the evening news has been the slow effect of individual, private Americans becoming more open about their sexuality. The emergence of role models, the development of professional organizations and student groups, the growing influence of openly gay people in the media, and the extraordinary impact of AIDS on families and friends have dwarfed radicalism’s impact on the national consciousness. Likewise, the greatest public debate about homosexuality yet — the military debate — took place not because radicals besieged the Pentagon, but because of the ordinary and once-anonymous Americans within the military who simply refused to acquiesce in their own humiliation any longer. Their courage was illustrated not in taking to the streets in rage but in facing their families and colleagues with integrity.

In debunking the oft-cited similarity between discrimination based on ethnicity and discrimination based on sexual orientation, Sullivan points out that unlike skin color, which travels with the generations and thus offers an implicit bond of belonging, homosexuality occurs sporadically within the community and the family unit, and can thus produce even deeper isolation for the individual. He writes:

To reach puberty and find oneself falling in love with members of one’s own sex is to experience a mixture of self-discovery and self-disgust that never leaves a human consciousness. If the stigma is attached not simply to an obviously random characteristic, such as skin pigmentation, but to the deepest desires of the human heart, then it can eat away at a person’s sense of his own dignity with peculiar ferocity. When a young person confronts her sexuality, she is also completely alone. A young heterosexual black or Latino girl invariably has an existing network of people like her to interpret, support, and explain the emotions she feels when confronting racial prejudice for the first time. But a gay child generally has no one. The very people she would most naturally turn to — the family — may be the very people she is most ashamed in front of.

The stigma attached to sexuality is also different than that attached to race because it attacks the very heart of what makes a human being human: her ability to love and be loved. Even the most vicious persecution of racial minorities allowed, in many cases, for the integrity of the marital bond or the emotional core of a human being. When it did not, when Nazism split husbands from wives, children from parents, when apartheid or slavery broke up familial bonds, it was clear that a particularly noxious form of repression was taking place. But the stigma attached to homosexuality begins with such a repression. It forbids, at a child’s earliest stage of development, the possibility of the highest form of human happiness. It starts with emotional terror and ends with mild social disapproval. It’s no accident that later in life, when many gay people learn to reconnect the bonds of love and sex, they seek to do so in private, even protected from the knowledge of their family.

Arguing that anti-discrimination laws only scratch the surface of the problem rather than addressing its core, he writes:

They want to substitute for the traumatic and difficult act of coming out the more formal and procedural act of legislation. But law cannot do the work of life. Even culture cannot do the work of life. Only life can do the work of life.

But as insufficient as anti-discrimination laws may be, the notion of indoctrinating discrimination into the law is contrary to the very tenets on which a society claiming to be democratic is based:

The military ban is by far the most egregious example of proactive government discrimination in this country. By conceding, as the military has done, the excellent service that many gay and lesbian soldiers have given to their country, the military has helped shatter a thousand stereotypes about their nature and competence. By focusing on the mere admission of homosexuality, the ban has purified the debate into a matter of the public enforcement of homophobia. Unlike anti-discrimination law, the campaign against the ban does not ask any private citizens to hire or fire anyone of whom they do not approve; it merely asks public servants to behave the same way with avowed homosexuals as with closeted ones.

[…]

Its real political power — and the real source of the resistance to it — comes from its symbolism. The acceptance of gay people at the heart of the state, at the core of the notion of patriotism, is anathema to those who wish to consign homosexuals to the margins of society. [Even liberals] find it hard to fit the cause simply into the rubric of minority politics. For instead of seeking access, as other minorities have done, gays in the military are simply demanding recognition. They start not from the premise of suppliance, but of success, of proven ability and prowess in battle, of exemplary conduct and ability. This is a new kind of minority politics. It is less a matter of complaint than of pride; less about subversion than about the desire to contribute equally.

And yet, in another farsighted insight, Sullivan recognizes that the military ban is a microcosm of a much larger, much more deeply human concern — one currently on the precipice of a historic shift:

The critical measure necessary for full gay equality is something deeper and more emotional perhaps than even the military. It is equal access to marriage. As with the military, this is a question of formal public discrimination. If the military ban deals with the heart of what it is to be a citizen, the marriage ban deals with the core of what it is to be a member of civil society. Marriage is not simply a private contract; it is a social and public recognition of our personal integrity. Denying it to gay people is the most public affront possible to their civil equality.

Like a family engaged in the first, angry steps toward dealing with a gay member, the country has been forced to debate a subject honestly — even calmly — in a way it has never done before. This is a clear and enormous gain. Whatever the result of this process, it cannot be undone.

You can say that again, Andrew. No doubt in another twenty years, we’ll look back on these failings of democracy and human rights with the same profound cultural embarrassment that haunts our collective memory as it uncomfortably traces the issues that spurred Women’s Suffrage and the Civil Rights movement.

The move towards marriage equality between 1970 and 2012 via The Atlantic Wire

The heterosexuality of marriage is civilly intrinsic only if it is understood to be inherently procreative; and that definition has long been abandoned in civil society. In contemporary America, marriage has become a way in which the state recognizes an emotional and economic commitment of two people to each other for life. No law requires children to consummate it. And within that definition, there is no civil way it can logically be denied homosexuals, except as a pure gesture of public disapproval. . . .

In the same way, emotionally, marriage is characterized by a kind of commitment that is rare even among heterosexuals. Extending it to homosexuals need not dilute the special nature of that commitment, unless it is understood that gay people, by their very nature, are incapable of it. History and experience suggest the opposite. It is not necessary to prove that gay people are more or less able to form long-term relationships than straights for it to be clear that, at least, some are. Giving these people a right to affirm their commitment doesn’t reduce the incentive for heterosexuals to do the same, and even provides a social incentive for lesbians and gay men to adopt socially beneficial relationships.

The first couple to receive a same-sex marriage license in Washington state in December of 2012: Jane Abbott Lighty, 77, and Pete-e Peterson, 85, who have been together over 35 years. (Photo: David Ryder/Getty Images)

The law, thus, robs gay people of an essential human aspiration, making them keenly aware of the robbery, which takes place in broad daylight, at the public square:

Gay people always know this essential affirmation will be denied them. Thus their relationships are given no anchor, no endpoint, no way of integrating them fully into the network of family and friends that makes someone a full member of civil society. Even when those relationships become essentially the same — or even stronger — than straight relationships, they are never accorded the same dignity of actual equality. Husbands remain “friends”; wives remain “partners”. The very language sends a powerful signal of fault, a silent assumption of internal disorder or insufficiency. The euphemisms — and the brave attempt to pretend that gay people don’t need marriage — do not successfully conceal the true emotional cost and psychological damage that this signal exacts. No true progress in the potential happiness of gay teenagers or in the stability of gay adults or in the full integration of gay and straight life is possible, or even imaginable, without it.

These two measures — simple, direct, requiring no change in heterosexual behavior and no sacrifice from heterosexuals — represent a politics that tackles the heart of homophobia while leaving homophobes their freedom. It allows homosexuals to define their own future and their own identity and does not place it in the hands of the other. It makes a clear, public statement of equality, while leaving all the inequalities of emotion and passion to the private sphere, where they belong. It does not legislate private tolerance, it declares public equality. It banishes the paradigm of victimology and replaces it with one of integrity. It requires one further step, of course, which is to say the continuing effort for honesty on the part of homosexuals themselves. This is not easily summed up in the crude phrase “coming out”; but it finds expression in the myriad ways in which gay men and lesbians talk, engage, explain, confront, and seek out the other. Politics cannot substitute for this; heterosexuals cannot provide it. And while it is not in some sense fair that homosexuals have to initiate the dialogue, it is a fact of life. Silence, if it does not equal death, equals the living equivalent.

May 2013 New Yorker cover by Chris Ware, celebrating a Mother's Day of equality with a two-mom family

Don’t Ask Don’t Tell was signed into law seven months after “The Politics of Homosexuality” was published. It wasn’t repealed until 2011, three months after New York State passed its historic Marriage Equality Act allowing for gender-neutral marriage. On May 9, 2012, President Barack Obama declared his support for marriage equality.

Virtually Normal is excellent and enormously important in its entirety.

Today, Andrew writes about these issues and many more dimensions of contemporary culture, and is at the helm of yet another revolution, defying the broken model of funding journalism by breaking off from the media establishment and building an ad-free, reader-supported haven for intelligent cultural commentary. Join me in supporting him and his small team here.


14 May 23:54

Osaka's fascist mayor defends WWII policy of sexual enslavement: "a comfort women system is necessary. Anyone can understand that."

by Cory Doctorow

Toru Hashimoto is mayor of Osaka and co-founder of the Japanese Restoration Party. He's previously called for Japan to be run as a dictatorship; now he's made public comments defending the WWII Japanese military policy of enslaving women and giving them to soldiers to rape. He says that it was a necessary expedient to support hard-working soldiers.

He said last year that Japan needed "a dictatorship".

In his latest controversial comments, quoted by Japanese media, he said: "In the circumstances in which bullets are flying like rain and wind, the soldiers are running around at the risk of losing their lives,"

"If you want them to have a rest in such a situation, a comfort women system is necessary. Anyone can understand that."

He also claimed that Japan was not the only country to use the system, though it was responsible for its actions.

Japan WWII 'comfort women' were 'necessary' - Hashimoto (Thanks, Jack!)

(Image: Wikimedia Commons/aska27)

    


14 May 23:53

Highest-paid state employees: usually a school sports coach, sometimes a med school dean

by Cory Doctorow


Good to see America's educational priorities on such sound footing:

You may have heard that the highest-paid state employee in each state is usually the football coach at the largest state school. This is actually a gross mischaracterization: Sometimes it is the basketball coach.

Based on data drawn from media reports and state salary databases, the ranks of the highest-paid active public employees include 27 football coaches, 13 basketball coaches, one hockey coach, and 10 dorks who aren't even in charge of a team.

...Coaches don't generate revenue on their own; you could make the exact same case for the student-athletes who actually play the game and score the points and fracture their legs.

It can be tough to attribute this revenue directly to the performance of the head coach. In 2011-2012, Mack Brown was paid $5 million to lead a mediocre 8-5 Texas team to the Holiday Bowl. The team still generated $103.8 million in revenue, the most in college football. You don't have to pay someone $5 million to make college football profitable in Texas.

Infographic: Is Your State's Highest-Paid Employee A Coach? (Probably) [Reuben Fischer-Baum/Deadspin]

(via JWZ)

    


14 May 23:50

Buy a pressure cooker, get a free visit from the FBI!

by Mark Frauenfelder
Matthew says: "Talal Al-Rouqi, a Saudi student in Michigan, brought a pressure cooker filled with meat and rice to his friend's house for dinner. The next day, he was interrogated by FBI agents, who warned him not to venture outside again with the pressure cooker."
    


14 May 23:43

Live map of recent Wikipedia changes

by Mark Frauenfelder
Click on the name of an article to see what the person changed. Wikipedia Recent Changes Map. (Thanks, D.S. Deboer!)
    


14 May 23:23

First vatburger is ready to eat

by Cory Doctorow

After spending $250,000 worth of anonymously donated money, Mark Post from Maastricht University is ready to go public with his first vat-grown hamburger, which will be cooked and eaten at an event in London this week. Though they claim that it's healthier than regular meat, one question not answered in the article is the Omega 3/6 balance -- crappy, corn-fed, factory-farmed meat is full of Omega 6s and avoided by many eaters; the grass-fed, free-range stuff is higher in Omega 3s.

Yet growing meat in the laboratory has proved difficult and devilishly expensive. Dr. Post, who knows as much about the subject as anybody, has repeatedly postponed the hamburger cook-off, which was originally expected to take place in November. His burger consists of about 20,000 thin strips of cultured muscle tissue. Dr. Post, who has conducted some informal taste tests, said that even without any fat, the tissue “tastes reasonably good.” For the London event he plans to add only salt and pepper.

But the meat is produced with materials — including fetal calf serum, used as a medium in which to grow the cells — that eventually would have to be replaced by similar materials of non-animal origin. And the burger was created at phenomenal cost — 250,000 euros, or about $325,000, provided by a donor who so far has remained anonymous. Large-scale manufacturing of cultured meat that could sit side-by-side with conventional meat in a supermarket and compete with it in price is at the very least a long way off.

“This is still an early-stage technology,” said Neil Stephens, a social scientist at Cardiff University in Wales who has long studied the development of what is also sometimes referred to as “shmeat.” “There’s still a huge number of things they need to learn.”

There are also questions of safety — though Dr. Post and others say cultured meat should be as safe as, or safer than, conventional meat, and might even be made to be healthier — and of the consumer appeal of a product that may bear little resemblance to a thick, juicy steak.

Engineering the $325,000 Burger [Henry Fountain/New York Times]

(via /.)

    


14 May 23:11

3D printed guns and the law: will judges be able to think clearly about digital files when guns are involved?

by Cory Doctorow

My latest Guardian column is "3D printed guns are going to create big legal precedents," and it looks at an underappreciated risk from 3D printed guns: that courts will be so freaked out by the idea of 3D printed guns that they'll issue reactionary decisions that are bad for the health of the Internet and its users:

More interesting is the destiny of the files describing 3D printed guns. These model-files have been temporarily removed from the internet at the behest of the US State Department, which is investigating the possibility that they violate the International Traffic in Arms Regulations. Wilson says that he's on safe ground here, because the regulations do not cover material in a library, and he says the internet is like a library. As this is taking place in the US, there's also the First Amendment to be considered, which limits government regulation of speech.

Here's where things get scary for me. Defense Distributed is headed for some important, possibly precedent-setting legal battles with the US government, and I'm worried that the fact that we're talking about guns here will cloud judges' minds. Bad cases made bad law, and it's hard to think of a more emotionally overheated subject area. So while I'd love to see a court evaluate whether the internet should be treated as a library in law, I'm worried that when it comes to guns, the judge may find himself framing the question in terms of whether a gun foundry should be treated as a library.

3D printed guns are going to create big legal precedents

    


14 May 18:01

CodeSOD: The Impossible Blob

by Lorne Kates

BlobConfig.config not found, said the error console of The Blob-- the "insane in every way" system Sep's company produced.

Because a millisecond earlier, The Blob erroneously determined Sep's computer already had a copy of the config file, and didn't automagically create it.

Because one second earlier, The Blob couldn't find the substring "No such file or directory" in the output of "ls -l %BlobDirectory%/BlobConfig.config".

Because five seconds earlier, Sep's local instance of The Blob issued that command to Sep's OS.

Because ten seconds earlier, The Blob (installed on localhost) connected via SSH to localhost.

Because fifteen seconds earlier, The Blob ran a "cleverly" optimized routine to try to check for the existence of the system-critical config file.

Because five minutes earlier, Sep ran his local instance of The Blob for the first time.

Because thirty minutes earlier, Sep had configured everything on his brand new computer to his liking, except for the local instance of The Blob.

Because an hour earlier, Sep was assured by his coworker that The Blob would automagically configure itself on the new machine without intervention.

Because some years earlier, someone thought themselves clever enough to write the following optimization into The Blob's startup routine:

public void ConfigFileExistsOrCreate()
{
    String result = null;
    // Opens an SSH session to the local machine just to run a shell command.
    remoteCon = SSHConnection("localhost");
    result = remoteCon.sendCmd("ls -l %BlobProfileDirectory%/BlobConfig.Config");

    // Existence is inferred from the English text of the ls error message.
    if (result.contains("No such file or directory"))
    {
        String fileContents = "smb://GlobalShared/UniversalBlobConfig.config";
        remoteCon.putFile("BlobConfig.Config", fileContents, FileType.Link);
    }
    else
    {
        // no-op! File exists!
    }
}

Because as clever as that person was for optimizing the creation of a static, 400 byte configuration file that itself was just a linkfile with a hard-coded path-- they weren't so clever as to remember the company was based in Switzerland.

Because hundreds of years earlier, French became one of the national languages of Switzerland: written, spoken, and more pertinently (and much later) available to select as a localizational language in Linux.

Which Sep had done.

ls: Impossible d'accéder à BlobConfig.Config: Aucun fichier ou dossier de ce type

Impossible, indeed.
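
The failure in this story comes from inferring a file's absence from the English text of an error message. As an added example (not The Blob's code, which the story shows in Java), the C program below contrasts that string match with a check on errno and an exclusive create; the English `ls` line, the temporary directory and all function names are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* ls output for a missing file: the English line is constructed, the French
 * line is the one quoted in the story. */
static const char LS_MISSING_EN[] =
    "ls: cannot access 'BlobConfig.Config': No such file or directory\n";
static const char LS_MISSING_FR[] =
    "ls: Impossible d'accéder à BlobConfig.Config: "
    "Aucun fichier ou dossier de ce type\n";
static const char LINK_TARGET[] =
    "smb://GlobalShared/UniversalBlobConfig.config";

typedef enum { CFG_PRESENT, CFG_MISSING, CFG_UNKNOWN } cfg_state;

/* "Before": the decision from the story, matching localized message text. */
static bool fragile_says_missing(const char *ls_output)
{
    return strstr(ls_output, "No such file or directory") != NULL;
}

/* "After": ask the kernel. errno values are numbers and do not change with
 * the locale; anything other than ENOENT is reported as unknown, so a
 * permission error is never mistaken for "exists" or "missing". */
static cfg_state config_state(const char *path)
{
    struct stat st;

    if (stat(path, &st) == 0)
        return CFG_PRESENT;
    return errno == ENOENT ? CFG_MISSING : CFG_UNKNOWN;
}

/* Creates the config only if it does not exist, in one atomic step
 * (O_CREAT | O_EXCL), so there is no gap between checking and creating.
 * Returns 1 if created, 0 if it already existed, -1 on any other error. */
static int ensure_config(const char *path, const char *contents)
{
    size_t len = strlen(contents);
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    int rc;

    if (fd < 0)
        return errno == EEXIST ? 0 : -1;
    rc = write(fd, contents, len) == (ssize_t)len ? 1 : -1;
    if (close(fd) != 0)
        rc = -1;
    if (rc < 0)
        unlink(path);   /* do not leave a truncated config behind */
    return rc;
}

/* Runs the hardened path in a fresh temporary directory (constructed test
 * location); returns how many of the 4 steps behaved as expected. */
static int demo_roundtrip(void)
{
    char dir[] = "/tmp/blobcfg-XXXXXX";
    char path[64];
    int ok = 0;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/BlobConfig.Config", dir);

    ok += config_state(path) == CFG_MISSING;       /* not there yet */
    ok += ensure_config(path, LINK_TARGET) == 1;   /* created */
    ok += config_state(path) == CFG_PRESENT;
    ok += ensure_config(path, LINK_TARGET) == 0;   /* left untouched */

    unlink(path);
    rmdir(dir);
    return ok;
}

int main(void)
{
    printf("string match, English output: missing=%d\n",
           fragile_says_missing(LS_MISSING_EN));
    printf("string match, French output:  missing=%d\n",
           fragile_says_missing(LS_MISSING_FR));
    printf("errno + O_EXCL round trip: %d/4 steps ok\n", demo_roundtrip());
    return 0;
}
```

When a tool's text output really must be parsed, running it with `LC_ALL=C` pins the message language; checking the exit status or errno avoids the dependency altogether.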

12 May 19:27

Vulnerability Found In Skyrim, Fallout, Other Bethesda Games

by Soulskill
An anonymous reader writes "The author of this article goes over a format string vulnerability he found in The Elder Scrolls series starting with Morrowind and going all the way up to Skyrim. It's not something that will likely be exploited, but it's interesting that the vulnerability has lasted through a decade of games. 'Functions like printf() and its variants allow us to view and manipulate the program’s running stack frame by specifying certain format string characters. By passing %08x.%08x.%08x.%08x.%08x, we get 5 parameters from the stack and display them in an 8-digit padded hex format. The format string specifier ‘%s’ displays memory from an address that is supplied on the stack. Then there’s the %n format string specifier – the one that crashes applications because it writes addresses to the stack. Powerful stuff.'"

Read more of this story at Slashdot.
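
The behaviour described in the quoted article depends on untrusted text reaching a printf-family function as the format argument. As an added example (not code from the article or from the games; all function names are illustrative), the C program below puts the unsafe call beside the fixed-format form and adds a small scanner that counts conversion directives, including `%n`, in a string so that such input can be flagged.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* "Before": untrusted text is used as the format string. Compilers report
 * this under -Wformat-security; silenced here so the example builds clean. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
static int render_unsafe(char *out, size_t n, const char *untrusted)
{
    return snprintf(out, n, untrusted);
}
#pragma GCC diagnostic pop

/* "After": the format is a constant, the untrusted text is only data. */
static int render_safe(char *out, size_t n, const char *untrusted)
{
    return snprintf(out, n, "%s", untrusted);
}

/* Counts printf conversion directives in s; "%%" is a literal percent sign
 * and is not counted. If has_n is non-NULL it is set when %n appears. */
static int count_directives(const char *s, bool *has_n)
{
    int count = 0;

    if (has_n)
        *has_n = false;
    for (const char *p = s; (p = strchr(p, '%')) != NULL; ) {
        p++;
        if (*p == '%') {            /* escaped percent */
            p++;
            continue;
        }
        /* skip flags, width, precision, positional index, length modifiers */
        p += strspn(p, "-+ #'0123456789.*$hlLqjzt");
        if (*p != '\0' && strchr("diouxXeEfFgGaAcspn", *p) != NULL) {
            count++;
            if (*p == 'n' && has_n)
                *has_n = true;
            p++;
        }
    }
    return count;
}

static bool contains_percent_n(const char *s)
{
    bool has_n;

    count_directives(s, &has_n);
    return has_n;
}

/* True when the renderer returns the input byte for byte. */
static bool roundtrips(int (*render)(char *, size_t, const char *),
                       const char *text)
{
    char out[128];
    int len = render(out, sizeof out, text);

    return len >= 0 && (size_t)len < sizeof out && strcmp(out, text) == 0;
}

int main(void)
{
    const char *probe = "%08x.%08x.%08x.%08x.%08x";  /* string quoted above */
    /* The only input given to render_unsafe: "%%" takes no argument, so the
     * call is well defined yet still shows the text being interpreted. */
    const char *benign = "100%% done";

    printf("directives in probe: %d\n", count_directives(probe, NULL));
    printf("safe form keeps probe literal: %d\n",
           roundtrips(render_safe, probe));
    printf("unsafe form keeps \"%s\" literal: %d\n", benign,
           roundtrips(render_unsafe, benign));
    return 0;
}
```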



12 May 19:26

California Lawmaker Wants 3-D Printers To Be Regulated

by Soulskill
Ben0mega

The first canon is armed.

New submitter phrackthat writes with news that California State Senator Leland Yee (D-S.F.) says he wants regulations to track who owns and uses 3-D printers. Yee's comments come in response to the recent news of Defense Distributed's successful test-firing of a 3-D printed gun. "He's concerned that just about anyone with access to those cutting-edge printers can arm themselves. 'Terrorists can make these guns and do some horrible things to an individual and then walk away scott-free, and that is something that is really dangerous,' said Yee. He said while this new technology is impressive, it must be regulated when it comes to making guns. He says background checks, requiring serial numbers and even registering them could be part of new legislation that he says will protect the public. Yee added, 'This particular gun has no trace whatsoever.'"

Read more of this story at Slashdot.



12 May 19:06

Apple can decrypt iPhones for cops; Google can remotely "reset password" for Android devices

by Cory Doctorow

Apple apparently has the power to decrypt iPhone storage in response to law-enforcement requests, though they won't say how. Google can remotely "reset the password" for a phone for cops, too:

Last year, leaked training materials prepared by the Sacramento sheriff's office included a form that would require Apple to "assist law enforcement agents" with "bypassing the cell phone user's passcode so that the agents may search the iPhone." Google takes a more privacy-protective approach: it "resets the password and further provides the reset password to law enforcement," the materials say, which has the side effect of notifying the user that his or her cell phone has been compromised.

Ginger Colbrun, ATF's public affairs chief, told CNET that "ATF cannot discuss specifics of ongoing investigations or litigation. ATF follows federal law and DOJ/department-wide policy on access to all communication devices."

...The ATF's Maynard said in an affidavit for the Kentucky case that Apple "has the capabilities to bypass the security software" and "download the contents of the phone to an external memory device." Chang, the Apple legal specialist, told him that "once the Apple analyst bypasses the passcode, the data will be downloaded onto a USB external drive" and delivered to the ATF.

It's not clear whether that means Apple has created a backdoor for police -- which has been the topic of speculation in the past -- whether the company has custom hardware that's faster at decryption, or whether it simply is more skilled at using the same procedures available to the government. Apple declined to discuss its law enforcement policies when contacted this week by CNET.

It's not clear to me from the above whether Google "resetting the password" for Android devices merely bypasses the lock-screen or actually decrypts the mass storage on the phone if it has been encrypted.

I also wonder if the "decryption" Apple undertakes relies on people habitually using short passwords for their phones -- the alternative being a lot of screen-typing in order to place a call.

Apple deluged by police demands to decrypt iPhones [Declan McCullagh/CNet]

(via /.)

    


11 May 20:42

Microsoft YouTube App Strips Ads; Adds Download

by timothy
Ben0mega

This is a poor decision - anyone who earns money by youtube would suffer, which goes beyond Google.

An anonymous reader writes "Microsoft appears to be sticking a finger in Google's eye with the launch of its new YouTube app for Windows Phone. The app, ReadWrite has confirmed, strips out YouTube ads when it plays back videos and allows users to easily download video by way of a prominent 'download' button."




11 May 01:49

400 ppm carbon dioxide? In my atmosphere?

by Maggie Koerth-Baker
It's true, at least for today. Although the real concern in climate science is average concentrations of carbon dioxide over much longer periods of time, surpassing the 400 ppm mark, even for a day, is a historic milestone. 400 ppm was once a level we talked about avoiding altogether through mitigation of greenhouse gas emissions. Now, it's a reminder that we're not really doing anything to circumvent the steady increase in global carbon dioxide concentrations and global average temperature. Happy Friday!
    


10 May 16:23

US State Department orders removal of Defense Distributed's printable gun designs

by Cory Doctorow
Ben0mega

so it begins...

The US State Department has ordered Defense Distributed to take down the designs for a working 3D printed gun, citing export control rules set out in the International Traffic in Arms Regulations. Defense Distributed's Cody Wilson is appealing, and says that ITAR does not apply to "non-profit public domain releases of technical files designed to create a safe harbor for research and other public interest activities" -- though this carve out is for works stored in a library. Wilson's appeal may turn, then, on whether the Internet is a library for the purposes of this regulation. In the meantime, the designs are still up on The Pirate Bay, and are for sale in printed form in an Austin bookseller. More than 100,000 copies of the designs were downloaded from Defense Distributed's servers in the brief time that they were online.

“Until the Department provides Defense Distributed with final [commodity jurisdiction] determinations, Defense Distributed should treat the above technical data as ITAR-controlled,” reads the letter, referring to a list of ten CAD files hosted on Defcad that include the 3D-printable gun, silencers, sights and other pieces. “This means that all data should be removed from public access immediately. Defense Distributed should review the remainder of the data made public on its website to determine whether any other data may be similarly controlled and proceed according to ITAR requirements.”

Wilson, a law student at the University of Texas in Austin, says that Defense Distributed will in fact take down its files until the State Department has completed its review. “We have to comply,” he says. “All such data should be removed from public access, the letter says. That might be an impossible standard. But we’ll do our part to remove it from our servers.”

Wilson's project is raising some important legal questions, such as whether design files can be considered expressive speech under the First Amendment, and whether the Internet is a library. The question of code-as-speech was famously considered in the Bernstein case, where strong crypto was legalized. However, as we discovered in the 2600 case, judges are less charitably inclined to code-as-speech arguments when they're advanced by non-academics, especially those with counter-culture stances.

Impact litigation -- where good precedents overturn bad rules -- is greatly assisted by good facts and good defendants. I would much rather the Internet-as-library question be ruled on in a less emotionally overheated realm than DIY guns.

State Department Demands Takedown Of 3D-Printable Gun Files For Possible Export Control Violations [Andy Greenberg/Forbes]

(Thanks to everyone who sent this in!)

    


10 May 16:22

What is your state’s highest paid public employee?

by PZ Myers

America, you are all screwed up.

Map by state of highest paid public employees in US

The article also makes the point that the athletic programs these universities sponsor are major loss leaders, draining money away from education to pay off overpaid coaches.

10 May 16:19

A great mystery

by PZ Myers

repubscientists

(via)

10 May 16:19

Bake a Mean Spirited Censorship Pie with the Electronic Frontier Foundation

by Cory Doctorow

EFF is celebrating the new inductees into its Takedown Hall of Shame with a new cooking show! In this episode, EFF staffer Parker Higgins bakes a "Mean Spirited Censorship Pie" -- which is what we all have to call the classic Southern dessert formerly known as "Derby Pie," now that Kern's Kitchen in Louisville is threatening to sue anyone who posts a family recipe with that name.

It's sarcastic, carbtastic, and informative -- delicious!

Baking With EFF: (Not) Derby Pie, the Trademarked Treat

    


10 May 01:52

Backdoor Targeting Apache Servers Spreads To Nginx, Lighttpd

by timothy
An anonymous reader writes "Last week's revelation of the existence of Linux/Cdorked.A, a highly advanced and stealthy Apache backdoor used to drive traffic from legitimate compromised sites to malicious websites carrying Blackhole exploit packs, was only the beginning — ESET's continuing investigation has now revealed that the backdoor also infects sites running the nginx and Lighttpd webservers. Researchers have, so far, detected more than 400 webservers infected with the backdoor, and 50 of them are among the world's most popular and visited websites." Here's the researchers' original report.




10 May 01:50

Sleep Deprivation Lowers School Achievement In Children

by Soulskill
Ben0mega

Really? I thought it would do wonderful things!

New submitter josedu writes: "Sleep deprivation is a great, hidden problem that afflicts a great percentage of children in affluent countries. About 73% of 9- and 10-year-old children in the U.S. are sleep deprived, as are 80% of 13- and 14-year-olds. The new study thinks this is linked to the increased access to devices such as mobile phones and laptops late at night. One of the researchers put it very simply: 'Our data show that across countries internationally, on average, children who have more sleep achieve higher in maths, science and reading.' This disruption is also causing schools to dumb-down their instruction to accommodate the reduced capacity of these kids. Thus, even the kids who are getting enough sleep will suffer. The long-term impact of sleep deprivation on nationwide education levels is enormous."




10 May 01:49

US DOJ Say They Don't Need Warrants For E-Mail, Chats

by Soulskill
gannebraemorr writes "The U.S. Department of Justice and the FBI believe they don't need a search warrant to review Americans' e-mails, Facebook chats, Twitter direct messages, and other private files, internal documents reveal. Government documents obtained by the American Civil Liberties Union and provided to CNET show a split over electronic privacy rights within the Obama administration, with Justice Department prosecutors and investigators privately insisting they're not legally required to obtain search warrants for e-mail."




10 May 01:39

Printable Gun Downloads Top 100k In 2 Days, Thanks to Kim Dotcom

by timothy
Sparrowvsrevolution writes "The promise of a fully 3D-printable gun is that it can spread via the Internet and entirely circumvent gun control laws. Two days after that digital weapon's blueprint first appeared online, it seems to be fulfilling that promise. Files for the printable gun known as the 'Liberator' have been downloaded more than 100,000 times in two days, according to Defense Distributed, the group that created it. Those downloads were facilitated by Kim Dotcom's startup Mega, which Defense Distributed is using to host the Liberator's CAD files. And it's also been uploaded to the Pirate Bay, where it's one of the most popular files in the filesharing site's uncensorable 3D printing category."




09 May 02:01

SlickWrite Proofreads Your Writing and Provides Statistical Feedback

by Eric Ravenscraft
Ben0mega

i will have to look back at this after i write something of significant length

Spellcheck can only go so far to ensure you're writing something worth reading. SlickWrite analyzes your writing for grammar, common mistakes, and even provides statistical analysis of your text.


    


09 May 01:52

Why Isn't Gatsby in the Public Domain?

by Parker Higgins

When The Great Gatsby rolls out to theaters across the country this weekend, it will bring to the screen a story familiar to millions from a literary classic that's often dubbed the proverbial "Great American Novel." Here’s what many folks don’t know: even though the book was published nearly 90 years ago and is a long-established part of our shared cultural heritage, it has not yet entered the public domain.

Yes, even though F. Scott Fitzgerald died 73 years ago (and is therefore unlikely to be incentivized to produce more work), The Great Gatsby is still restricted by copyright.

F. Scott and Zelda Fitzgerald

In fact, it won't be truly free to the American public until January 1, 2021 — and even then only if copyright terms aren't extended again. Thanks to the 1998 Sonny Bono Copyright Term Extension Act, no published US works will enter the public domain until 2019.[1] Some countries have slightly saner copyright terms, but the U.S. Trade Rep is working diligently to use international agreements like the TPP to ratchet up terms around the world.

Still worse, a tragic 2012 Supreme Court decision declared that even once in the public domain, works can be yanked back out by Congressional action. Between excessively long copyright terms and the uncertainty of public domain status, creating new works that depend on the commons has become difficult and dangerous.

We feel the pernicious practical effects of lengthy copyright terms every day. For example, a study last year of books on Amazon showed that books published after the critical public domain cut-off date of 1923 are available at a dramatically lower rate than books from even an entire century before. The result is a "missing 20th century" in the history of books.

Nor is the problem confined to books. Another study by an MIT economist examined an archive of baseball magazines that included some issues in the public domain and some still burdened by copyright. By contrast, images from the public domain issues can be digitized and redistributed, and so their availability has greatly improved the quality—and thus increased the readership and editing engagement—of Wikipedia articles on baseball players from that era.

You may or may not care about particular baseball players from the 1960s, but the situation repeats itself over and over again across different fields. In the name of preserving profits for a handful of rightsholders, our cultural history is left to decay in legally imposed obscurity.

A diminished public domain doesn't just rob us of past works, but of the future works that could rely on an expanded public domain. Rightsholders have the power to veto derivative works simply by refusing to license the works. And if the rightsholder can't be tracked down or confirmed — a real possibility when we’re talking about works that are nearly a hundred years old — the difficulty of getting a license can halt production altogether.

Ironically, this hurts the same studios that pushed the Copyright Term Extension Act in the first place. Adapting well-known works is a powerful way to reach an audience familiar with the characters and story, and a strong public domain provides fertile grounds for new works. For example, Disney’s early films mined the public domain freely, leading to classic versions of well-known fairy tales, but its lobbying for expanded copyright restrictions has deprived others — and the public — of the same possibilities.

Gatsby director Baz Luhrmann himself took advantage of the public domain with his 1996 film Romeo + Juliet. The movie was, of course, a heavily modernized and modified version of Shakespeare's classic play—exactly the kind of thing that a rightsholder might veto for "artistic integrity," if there were a Shakespeare "estate" that were as good at lobbying as Disney and the MPAA.

But it was also a critical and popular success, racking up nearly $150 million at the box office, and the world of film would be a poorer place without it. It should be obvious to Hollywood the value of the public domain as a critical component of a thriving creative culture—both in artistic terms and economic ones. Bloating the copyright term may have seemed like a fine way to protect that year's profits, but ultimately it comes at a great cost to both Hollywood and the public interest.

  • 1. That is, no published works will enter the public domain through copyright expiration. However, works by the U.S. federal government, for example, are never subject to copyright restrictions, and the authors of some private works like the animated film "Sita Sings the Blues" have waived all copyright obligations.
09 May 01:49

Remote execution vulnerability in nginx

by corbet
The nginx web server suffers from a remotely exploitable buffer overflow that can lead to the execution of arbitrary code. Versions 1.4.1 and 1.5.0 contain the fix; there is also a workaround in the announcement. This seems like a good one to apply quickly.
09 May 01:48

BitTorrent Sees Sync Users Share Over 1PB of Data

by Unknown Lamer
An anonymous reader writes with an update on the rapid adoption of BitTorrent Lab's Sync tool. From the article: "BitTorrent on Monday announced an impressive milestone for its file synchronization tool Sync: users have synced over 1PB of data. The company says over 70 terabytes are synced via the tool every day. BitTorrent first announced its Sync software back in January and released a private alpha. Between then and April 23, when the company released a public alpha, users synced over 200TB worth of data. In other words, over the past 13 days users have synced over 800TB of data. At this rate, the service will pass 10PB before even hitting a stable release."




09 May 01:44

Why Your New Car's Technology Is Four Years Old

by samzenpus
Lucas123 writes "While you can buy a 1TB hard drive for your computer for less than $100, Ford today offers 10GB. Don't expect much more anytime soon. Apart from the obvious — a car's development process can be four years long — the automotive industry also tends to be behind the tech curve because of a lack of equipment standardization. And, while it's possible for the industry to build modular infotainment systems that could be upgraded over the life of the car, there are no plans to do so. Instead, car companies intend to offer software upgradable vehicles through 4G connectivity and data storage and entertainment streaming through the cloud, which means they have to worry less about onboard hardware reliability and standardization."




09 May 01:25

Hedge fund managers suck at making money (for you)

by Cory Doctorow

The Financial Times analyzed the stock picks of the presenters at this week's Ira Sohn Investment conference in NYC and found that, on average, following a hedge fund manager was a much worse bet than buying passive index funds (though a couple hedgies did do pretty well last year, they were dragged down by the spectacularly wrong advice from the majority):

But a Financial Times analysis of last year's tips shows decidedly mixed results. An investor who followed every top idea from the 12 speakers last year would have made 19 per cent, less than the 22 per cent gain available from a passive index fund tracking the US stock market.

Many of the ideas have proved woefully miscued, including some from the most high-profile managers who will return to the stage on Wednesday: David Einhorn of Greenlight Capital and Bill Ackman of Pershing Square.

Tips From Wall Street Hedge Fund Gurus Fail to Reward Faithful