Shared posts

19 Mar 20:16

Here’s Why You Can’t Trust What Cops and Companies Claim About Automated License Plate Readers

by Dave Maass

Emails Prove ICE Could Access Data from Orange County Shopping Malls, Despite the Companies' Denials

In response to an ACLU report on how law enforcement agencies share information collected by automated license plate readers (ALPRs) with Immigration and Customs Enforcement, officials have been quick to deny and obfuscate despite documentary evidence obtained directly from ICE itself through a Freedom of Information Act lawsuit.

Let’s be clear: you can’t trust what ALPR company Vigilant Solutions and its clients say. It’s time for higher authorities to conduct an audit.

Through years of research spanning California (and beyond), EFF has discovered that agencies that access ALPR data are often ignorant or noncompliant when it comes to the transparency and accountability requirements of state law. Furthermore, their agreements with the vendor Vigilant Solutions often include “non-disparagement” and “non-publication” clauses that contractually bind them to Vigilant Solutions’ “media messaging” and prevent agencies from speaking candidly with the press. Meanwhile, training materials created by Vigilant Solutions explicitly recommend that police leave ALPR out of their reports whenever possible.

But documents obtained as part of the ACLU’s lawsuit bring another factor into play: sometimes the claims are just jaw-droppingly inaccurate.

One email in particular shows exactly how ICE could access data collected at shopping malls through a regional fusion center, despite the mall operator and Vigilant Solutions’ repeated denials that it was happening.

For background: ALPR is a technology that allows law enforcement and private companies to track the travel patterns of drivers, through networks of cameras that record license plates, along with time, date and location. That information is uploaded to a database that users can search to find out where a vehicle travelled, reveal what vehicles visited particular locations, and receive real-time alerts on vehicles added to watch lists. It is a mass surveillance technology that captures information on everyone, regardless of whether their vehicle is tied to an investigation.

Last summer, EFF volunteer Zoe Wheatcroft, a high school student in Mesa, Ariz., discovered a curious document on a website belonging to the Irvine Company, a real estate developer based in Orange County. The document showed that private security patrols were using ALPR to gather data on customers at Irvine Company-owned shopping malls. As EFF reported, Irvine Company then transferred that information to Vigilant Solutions, a controversial ALPR vendor well-known for selling data to ICE.

We asked the mall operator, Irvine Company, to explain itself, but it refused to answer questions. However, after EFF published its report, Irvine Company told reporters ALPR data was not shared with ICE, but only three local police departments. Then Vigilant Solutions issued a press release saying “the entire premise of the article is false,” and accused EFF of “creating fake news.” Vigilant Solutions also demanded we retract the post and apologize, saying that it was “evaluating potential legal claims” against EFF.

What they wouldn’t say publicly is that within two weeks, Irvine Company quietly terminated its whole ALPR program. EFF only learned of this six months later from Irvine Company directly, but the company’s spokesperson refused to tell us the motivation behind ending the surveillance, beyond it being a business decision.

What Really Happened in Orange County

EFF began to investigate Irvine’s claims that its ALPR data from the shopping malls was tightly controlled and could never be shared with ICE. We filed public records requests with the police departments that Irvine Company said were the only agencies allowed to access the data. None of them were able to produce any documentation limiting data sharing—or indeed any limitations at all on how data could be used or shared.

Then, earlier this year, the ACLU received more than 1,800 pages of ICE records about the agency’s use of ALPR and Vigilant Solutions’ technology. Buried in the set is an email exchange that shows unequivocally that ICE accessed the Irvine Company’s shopping center data just months before EFF’s report.

According to the records: In October 2017, an official with Homeland Security Investigations, an arm of ICE, sent an email to a detective with the La Habra Police Department, who was working out of the regional “fusion center,” the Orange County Intelligence Assessment Center. The ICE HSI specialist asked the detective to run a license plate for them, with no explanation of the purpose of the search, even though documenting a purpose is required by California law.

A few hours later, the La Habra detective responded with a PDF attachment exported from Vigilant Solutions’ LEARN software that included the plate scans:

"i attached the report... there are a LOT of scans, most of them from fashion island security.. he spends a lot of time parked there.."

This email wasn’t just the smoking gun: it was the bullet. The document demonstrates that data could be transferred to ICE.

What They Claimed: The Irvine Company said the data was only shared with the Irvine, Newport and Tustin police departments. “We have been assured through conversations with Vigilant that only those police departments are receiving information,” a spokesperson told the Orange County Register. Vigilant Solutions backed up the claim, writing “As Irvine Company has stated, it is shared with select law enforcement agencies to ensure the security of mall patrons.”

What the Emails Actually Show: A La Habra Police detective had access to mall data through the fusion center. Neither La Habra nor OCIAC is one of the three agencies the data access was supposed to be limited to. This raises the question, who else had access to the data? As a fusion center, OCIAC exists to facilitate the exchange of information across agencies. “Intelligence processes—through which information is collected, integrated, evaluated, analyzed, and disseminated—are a primary focus” of the fusion center, according to OCIAC’s website.

What They Claimed: In its press release, Vigilant said, “These law enforcement agencies do not have the ability in Vigilant Solutions’ system to electronically copy this data or share this data with other persons or agencies, such as ICE.”

What the Emails Actually Show: Within hours of receiving the request from ICE, the La Habra detective was easily able to copy the data as a PDF and share it with ICE via email.

EFF reached out both to Irvine Company and Vigilant Solutions prior to publishing this report. Irvine Company would only confirm the date that it stopped the ALPR program, but would provide no further information. Motorola Solutions, which acquired Vigilant Solutions earlier this year, sent the following statement:

We are aware of the ACLU of Northern California's recent report on license plate recognition data and assertions regarding data access by the Irvine Company. The referenced incident predates Motorola Solutions' ownership of Vigilant Solutions, and we are currently working with Vigilant to assess the situation in greater detail.

Motorola Solutions is committed to the highest standard of integrity and data protection, which includes ensuring that vehicle location data is accessed only by authorized law enforcement agencies in accordance with applicable laws and industry standards. We also are committed to working with our customers and partners to ensure that use of vehicle location data hosted in our database is appropriately safeguarded to minimize the potential for misuse by any person.

Motorola Solutions deeply respects individual privacy rights and is committed to mitigating privacy risks associated with data collection, use and storage. 

Considering the historic wall of secrecy maintained by Vigilant Solutions and its clients, we believe it is time for a more thorough accounting than just an internal review. We urge the California legislature and the state auditor to investigate Vigilant Solutions and its government clients to find out the truth about how our data is shared with ICE and other agencies and whether these law enforcement agencies are violating state laws regulating the use of this mass surveillance technology.

19 Mar 18:19

Rep. Devin Nunes Sues Internet Cow For Saying Mean Things About Him Online

by Mike Masnick
Brindle

lol.

Last year, Devin Nunes co-sponsored the Discouraging Frivolous Lawsuits Act. Twelve days ago, he voted for a House Amendment "to express a sense of Congress that free speech should be protected."

And yesterday, he sued an internet cow for making fun of him.

By now you may have heard, as first reported by Fox News, that Rep. Devin Nunes -- who spent two years making a total mockery of the House Intelligence Committee -- has decided to sue Twitter and some satire accounts, and a real political commentator for a variety of "offenses" from defamation to shadow banning. The complaint, filed in a local court in Virginia, is not yet available anywhere but Fox News' posting of it (so you can click the link above, but we can't embed it yet).

Let's just get the first part out of the way: the complaint is utter nonsense. It is a complete joke. It makes a total mockery of the judicial system and it's an embarrassment that Nunes thought this was a good idea. We'll get into the details in a moment, but rest assured, we see a lot of really dumb lawsuits, and this one is up there on the list of truly special ones.

At the very least, it highlights exactly what kind of content gets under his skin. It's mostly a bunch of dumb tweets mocking Nunes that not that many people saw... and now absolutely everyone will see. Apparently, Rep. Nunes has never heard of the Streisand Effect, but he's learning quite a bit about it now.

Let's dig in. The caption for the lawsuit is... truly special:

If you can't see that, it lists Nunes as the plaintiff followed by four defendants: Twitter, Liz Mair, and then two obviously satirical Twitter accounts: @DevinNunesMom and @DevinCow. Yeah.

The lawsuit does not get any better from there. He's seeking $250 million and almost every argument in the lawsuit is beyond laughable. The very first footnote, on the first page, completely misrepresents Section 230 of the CDA to a laughable degree:

The term “information content provider” means any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service. See Title 47 U.S.C. § 230(f)(3). The word responsible ordinarily has a normative connotation. See The Oxford English Dictionary 742 (2nd ed. 1998) (stating one definition of responsible as “Morally accountable for one’s actions.”). As one authority puts it: “[W]hen we say, ‘Every man is responsible for his own actions,’ we do not think definitely of any authority, law, or tribunal before which he must answer, but rather of the general law of right, the moral constitution of the universe....” James C. Fernald, Funk & Wagnalls Standard Handbook of Synonyms, Antonyms, and Prepositions 366 (1947). Synonyms for responsibility in this context are blame, fault, guilt, and culpability. See Oxford American Writer’s Thesaurus 747 (2nd ed. 2008). Accordingly, to be “responsible” for the development of offensive content, such as defamation, one must be more than a neutral conduit for that content. One is not “responsible” for the development of offensive content if one’s conduct was neutral with respect to the offensiveness of the content (as would be the case with the typical Internet bulletin board). We would not ordinarily say that one who builds a highway is “responsible” for the use of that highway by a fleeing bank robber, even though the culprit’s escape was facilitated by the availability of the highway. Twitter is “responsible” for the development of offensive content on its platform because it in some way specifically encourages development of what is offensive about the content. FTC v. Accusearch, Inc., 570 F.3d 1187, 1198-1199 (10th Cir. 2009) (citing Fair Housing of Council of San Fernando Valley v. Roommates.com, LLC, 521 F.3d 1157, 1168 (9th Cir. 2008) (“a website helps to develop unlawful content …if it contributes materially to the alleged illegality of the conduct.”)

This is totally misrepresenting Section 230 and a variety of lawsuits around it. It focuses in, bizarrely, on the definition section 230(f)(3), ignoring what the law actually says in 230(c)(1) and (2) about the lack of liability for the platforms. Instead, it focuses narrowly on "responsible" as if that's all the law says. It's wrong and no court agrees with this analysis. Indeed, it misrepresents two key CDA 230 cases to try to make this point. The Accusearch case involved a data broker that sold user data, and tried to claim Section 230 immunity after the FTC sued. But as the court found, since Accusearch itself was selling the data, and that was the action the FTC went after the company for, it was liable for those actions, not the user-generated content. And, in the Roommates case, the 9th Circuit was pretty clear that while Roommates could be found liable for violating the Fair Housing Act, it would only be on the specific content that Roommates.com itself created (namely, a pulldown menu for users to disclose their sex, family status and sexual orientation -- which the court ruled could lead to discrimination). Again, in both cases, the law is specifically applied not to any of the content by users, but specifically to direct content or actions done by the platforms themselves.

Nunes is trying to use those cases to argue that Twitter loses its CDA 230 immunity because it's moderating content, because those moderation choices are actions, a la what happened in Accusearch and Roommates:

Twitter is an information content provider. Twitter creates and develops content in whole or in part, through a combination of means: (a) by explicit censorship of viewpoints with which it disagrees, (b) by shadow-banning conservatives, such as Plaintiff, (c) by knowingly hosting and monetizing content that is clearly abusive, hateful and defamatory – providing both a voice and financial incentive to the defamers – thereby facilitating defamation on its platform, (d) by completely ignoring lawful complaints about offensive content and by allowing that content to remain accessible to the public, and (e) by intentionally abandoning and refusing to enforce its so-called Terms of Service and Twitter Rules – essentially refusing to self-regulate – thereby selectively amplifying the message of defamers such as Mair, Devin Nunes’ Mom and Devin Nunes’ cow, and materially contributing to the libelousness of the hundreds of posts at issue in this action.

This interpretation literally ignores basically every Section 230 decision (other than the two it misreads entirely) and completely ignores the entire point of the law, which is to immunize platforms in response to their moderation choices. Remember, CDA 230 was passed in response to the ruling in Stratton Oakmont v. Prodigy that found Prodigy liable for moderation choices it had made. The entire point of the law is that making moderation choices for user content leaves you immune from liability.

Furthermore, there is no actual evidence of conservative bias on Twitter, and another lawsuit claiming the same thing got tossed out just last week. As for the claim of "shadowbanning," Nunes is again completely misrepresenting reality. Last year, we wrote about this (in the context of Devin Nunes grandstanding on this), but the claims of "shadowbanning conservatives" were based on a misleading report in Vice. There was a temporary glitch in Twitter's "autocomplete" feature that meant that some users' names did not show up in the autocomplete pulldown, and some people noticed that some of those impacted were well known conservatives. That's it. They were not shadowbanned. It was a temporary glitch for a very tiny feature (autocomplete) that had no bearing on whether or not users could find those impacted. And it impacted over 100,000 users, not just conservatives.

The story we wrote last year mocked Nunes for insisting he was considering taking legal action over this, and we would have thought that maybe lawyers would have talked him off of this, but apparently not. In short, the entire legal basis for including Twitter in this lawsuit is nonsense.

And from there, the complaint gets even worse. Because most of the lawsuit is little snowflake Devin Nunes whining about how a couple of satirical Twitter accounts, as well as one Republican political commentator, mocked him mercilessly, and Nunes just can't take it. If you want to know how to get under Devin Nunes' insanely thin skin, he's just given the entire world a guide.

We seriously don't have enough time to go through all of the claims in the lawsuit, but suffice it to say almost all of them are (a) opinions, (b) opinions based on clearly disclosed facts, or (c) rhetorical hyperbole. And note: none of those are defamatory. Also, the complaints reveal what Nunes is most afraid of: people looking into his "family farm" that is so much a part of his origin story, as well as an investment he made in a Napa winery. While the lawsuit doesn't go after these two articles, he does seem to consider references to the following two articles magically defamatory. And therefore, you should probably join in with thousands of other people today in reading the following two articles from last year:

  1. First up, an article in the Fresno Bee about Nunes' investment in a Napa winery, with the following headline: "A yacht, cocaine, prostitutes: Winery partly owned by Nunes sued after fundraiser event." That can't look good. The details do show that it was merely a winery that Nunes had invested in, and there are no allegations that Nunes had anything to do with the yacht, cocaine or prostitutes, but Nunes has carefully tried to avoid commenting on it, leading to even more coverage. And Liz Mair keeps reminding him of all of this, leading Nunes to call the following tweet the "most egregious and defamatory" of her tweets towards Nunes:

This is not defamatory. The facts stated are not in dispute. The Fresno Bee wrote about the story. Nunes did invest in the winery. The winery was involved in a lawsuit where it was alleged that prostitution was used on a boat and it was alleged in the lawsuit that some of the prostitutes appeared to be underage.

  2. Then we have this truly amazing story in Esquire by Ryan Lizza about how Devin Nunes' family sold their California farm and opened a new dairy farm in Rep. Steve King's district in Iowa, where nearly all of the farms in the area employ undocumented workers. The story is completely worth reading, and I would have never known about it, absent this lawsuit (there's a term for that...). Basically Lizza goes to Sibley, Iowa to try to track down why Nunes is so secretive about his family moving there, and discovers a friendly set of people in the town who readily admit that they think Steve King and Donald Trump's views on immigration are bad, and worry that ICE raiding the farms in the town would put all the farms out of business. But, then Lizza is basically chased out of town by Nunes' family -- and, amazingly, at the same time a years-old article that Lizza had used to find out about the Nunes' farm in Iowa magically disappears from the internet.

The rest of the lawsuit, concerning the two satirical accounts @DevinNunesMom and @DevinCow, is truly something to behold. This is "someone is mad online" in the form of a $250 million lawsuit. I mean, look, when your lawsuit has this paragraph, I'm afraid you've already lost:

Defendant, Devin Nunes’ Mom, is a person who, with Twitter’s consent, hijacked Nunes’ name, falsely impersonated Nunes’ mother, and created and maintained an account on Twitter (@DevinNunesMom) for the sole purpose of attacking, defaming, disparaging and demeaning Nunes. Between February 2018 and March 2019, Twitter allowed @DevinNunesMom to post hundreds of egregiously false, defamatory, insulting, abusive, hateful, scandalous and vile statements about Nunes that without question violated Twitter’s Terms of Service and Rules, including a seemingly endless series of tweets that falsely accused Nunes of obstruction of justice, perjury, misuse of classified information, and other federal crimes

This is followed by a bunch of tweets from @DevinNunesMom, almost all of which are clearly rhetorical hyperbole, accusing Nunes of not caring about his district and of engaging in obstruction of justice (a claim based on some of Nunes' activity as Chair of the House Intelligence Committee, in which he seemed much more focused on protecting the President, rather than actually doing his job). And then there's all of this, none of which is really defamatory. It's just part of being a public person (indeed, an elected official) online:

In her endless barrage of tweets, Devin Nunes’ Mom maliciously attacked every aspect of Nunes’ character, honesty, integrity, ethics and fitness to perform his duties as a United States Congressman. Devin Nunes’ Mom stated that Nunes had turned out worse than Jacob Wohl; falsely accused Nunes of being a racist, having “white supremist friends” and distributing “disturbing inflammatory racial propaganda”; falsely accused Nunes of putting up a “Fake News MAGA” sign outside a Texas Holocaust museum; falsely stated that Nunes would probably join the “Proud Boys”, “if it weren’t for that unfortunate ‘no masturbating’ rule”; disparagingly called him a “presidential fluffer and swamp rat”; falsely stated that Nunes had brought “shame” to his family; repeatedly accused Nunes of the crime of treason, compared him to Benedict Arnold, and called him a “traitor”, “treasonous shitbag”, a “treasonous Putin shill”, working for the “Kremlin”; falsely stated that Nunes was “100% bought and sold. He has no interest remaining for his constituents”; falsely accused Nunes of being part of the President’s “taint” team; falsely stated that Nunes was unfit to run the House Permanent Select Committee on Intelligence; falsely accused Nunes of “secretly hat[ing] the people he’s supposed to serve”; falsely accused Nunes of being a “lying piece of shit”; falsely stated that Nunes would lose custody of his children and was going to “the pen”; falsely accused Nunes of receiving pay for undermining “American Democracy”; falsely stated that Nunes was “the most despicably craven GOP public official” and that “Devin might be a unscrupulous, craven, back-stabbing, charlatan and traitor, but he’s no Ted Cruz”; falsely stated that Nunes was “voted ‘Most Likely to Commit Treason’ in high school”; falsely stated that “The people of California’s Central Valley are upright folk who work hard, look you square in the eye and give you a firm handshake. And then there is @DevinNunes”; falsely stated that Nunes is “not ALL about deceiving people. He’s also about betraying his country and colluding with Russians”; stated “I don’t know about Baby Hitler, but would sure-as-shit abort baby Devin”; falsely stated that “Alpha Omega wines taste like treason”; falsely stated that “@DevinNunes wanted me to tell everyone that he’ll be releasing a pic soon to get ahead of that AMI thing, and that it only looks that way because of all the blow”; falsely suggested that Nunes might be willing to give the President a “blowjob”; falsely stated “@Devin Nunes look @SpeakerRyan is removing @Rep_Hunter from his committee seat because he’s corrupt and incompetent. I wonder why he let you keep yours?”; falsely accused Nunes of “covering up Trump’s conspiracy against the United States”; falsely accused Nunes of lying to Congress; falsely accused Nunes of suborning “perjury”; falsely stated that “@Devin Nunes is DEFINITELY a feckless cunt”; falsely stated that “[i]f you vote for @Devin Nunes the terrorists win”; falsely stated “please don’t call @DevinNunes compromised. He’s not at all. He’s a complete and total fucking traitor”; falsely stated that Nunes was a “spy” in Congress “passing along information to the subject of a federal investigation”; falsely stated that Nunes knows “a thing or two about throwing away evidence, don’t you Scabbers”; falsely claimed that Nunes was “WANTED” and hiding and “hopes he doesn’t get indicted”; falsely claimed that Nunes would “probably see an indictment before 2020”; and even falsely stated that Nunes has “herp-face”.

Seriously, there is way too much to comment on in there, but pretty sure none of that is defamatory. It's mocking and disparaging, and lots of it contains rhetorical hyperbole, but defamatory? How do you prove whether or not someone has a "herp-face"? Also, apparently Nunes would like it to be known that he thinks it breaks the law to refer to him as a "presidential fluffer and swamp rat." Also, the "taint team" reference apparently makes it clear that Nunes and his lawyer don't understand puns. Which, you know, not a good look.

And then the part that is getting the most attention of all:

Many of the tweets were vile and repulsive, including tweets that depicted Nunes engaged in sexual acts with the President:

Right.

On to Devin's Cow.

Defendant, “Devin Nunes’ cow”, a person who, with Twitter’s consent, created and maintains an account on Twitter (@DevinCow) for the sole purpose of attacking and defaming Nunes. [https://twitter.com/devincow?lang=en]. @DevinCow has 1,204 followers. Like Devin Nunes’ Mom, Devin Nunes’ cow engaged a vicious defamation campaign against Nunes that lasted over a year. Devin Nunes’ cow has made, published and republished hundreds of false and defamatory statements of and concerning Nunes, including the following: Nunes is a “treasonous cowpoke”; “prosecutors” were “investigating Devin Nunes”; “Nunes needs to be investigated. He knew the truth, yet conspired with a criminal, @realDonaldTrump, to conceal the facts from the investigation. Nunes is a criminal too”; “718 more days until your term is up, Devin. Unless Mueller indicts you first”; “724 more days, Devin, unless the indictment comes first”; “It’s on, Ranking Member Nunes. #nunesindictment”; “Devin Nunes is a traitor”; “Devin Nunes used Leadership PAC funds on luxury vacay in his family’s native Portugal”; Nunes hung out with the Proud Boys at a private invite-only fundraiser; “Devin’s boots are full of manure. He’s udder-ly worthless and its pasture time to move him to prison”; “Devin is whey over his head in crime … I bet @DevinNunes’ cocaine yacht and underage prostitutes won Trump over #AlphaOmega!”

Incredibly, the lawsuit also whines about two other satirical accounts mocking Nunes, but doesn't sue them:

Among these additional Twitter accounts are “Fire Devin Nunes” (@fireDevinNunes) and “Devin Nunes’ Grapes” (@DevinGrapes). The additional Twitter accounts followed the same pattern as @DevinNunesMom and @DevinCow, and published the same false and defamatory statements Nunes was involved in underage prostitution, etc. Fire Devin Nunes published memes of Nunes in prison attire. In a July 30, 2018 post, Devin Nunes’ cow retweeted the following:

Complaining that one of the satirical accounts mocking you retweeted another satirical account mocking you does not suggest you're a big believer in free speech, Nunes.

Anyway, two other points on all of this. As first pointed out by Gabriel Malor, the supposed free speech supporting Devin Nunes first argues that "The ability to use Twitter is a vital part of modern citizenship" and that "Twitter is essential for an individual to . . . engage in any level of political organizing in modern America" just a few paragraphs before demanding that Twitter should permanently suspend Liz Mair's account. It actually goes beyond that. It doesn't just say these accounts should be permanently suspended, but that all of their likes should be removed.

In order to protect Nunes’s property interests and his reputation, Nunes requests the Court (a) to Order Twitter to reveal the names and contact information of the persons behind the accounts “Devin Nunes’ Mom”, “Devin Nunes’ cow”, “Fire Devin Nunes” and “Devin Nunes Grapes”, and (b) to permanently enjoin and order Twitter to suspend @LizMair, @DevinNunesMom and @DevinCow and to deactivate all hyperlinks to all tweets, retweets, replies and likes by @LizMair, @DevinNunesMom and @DevinCow that contain false and defamatory statements about Nunes.

Yeah, you see, while Twitter can make moderation decisions on its own, no court can order such a result, as it would clearly violate the First Amendment. You know, that thing that Nunes is supposedly sworn to protect.

The other key point. As the lawsuit notes, the @DevinCow account had 1,204 followers when the lawsuit was filed. This morning, just 1 day after the lawsuit was filed, it currently has 106,000. And it will probably have more by the time you look at it. The @DevinNunesMom account has been suspended by Twitter, however. Still, congrats to Devin Nunes for telling lots of people about these accounts, and just what kinds of satire you are unable to live with, and which you insist requires people pay you $250 million for.

Despite the fact that both Twitter and Nunes are based in California, Nunes chose to file the lawsuit in a local court in Virginia. Twitter and the other defendants may be able to remove it to federal court, but Virginia's anti-SLAPP law is not nearly as strong as California's. In particular, Virginia's anti-SLAPP law does not do the one thing most important in anti-SLAPP statutes: allow the defendants in SLAPP suits to stop lawsuits before they get ridiculously expensive:

Unlike California and other states, the Virginia statute does not create a special procedure for filing anti-SLAPP motions requiring judge’s to conduct an early assessment of the plaintiff’s probability of success; there is no presumptive limitation of discovery, and no provision for an interlocutory appeal when anti-SLAPP motions are denied.

That means that, as ridiculous as this lawsuit obviously is, it may still end up costing the defendants a lot of money to get it tossed out. And, thus, we have a case in which an elected official is using the burdens of the legal system to tie up some of his critics in a wasteful, time-consuming, expensive mess that could take years to resolve. That's an incredibly shameful thing for a politician who literally supported a bill against "frivolous lawsuits." Devin Nunes is deserving of mockery for a variety of reasons, and this lawsuit is one of them.



18 Mar 19:38

ICE Has Access To ALPR Databases, Bypasses Internal Restrictions By Outsourcing Searches To Local Cops

by Tim Cushing
Brindle

of course they do...

ICE has been wanting full access to the billions of license plate records stored in ALPR databases for years. The DHS first floated the idea more than five years ago. It was reined in briefly in response to public backlash and Congressional criticism, but the idea of a national ALPR database was never truly killed off.

ICE was the agency sending out quote requests for national database access. A few minimal protections were put in place, but all that was holding ICE back was logistics. The contract was finalized at the beginning of last year, hooking ICE up with ALPR records gathered by the hundreds of plate readers operated by local law enforcement agencies. Now, all that third party work is paying off.

More than 80 law enforcement agencies in the US have agreed to share with US Immigration and Customs Enforcement (Ice) license plate information that supports its arrests and deportation efforts, according to the American Civil Liberties Union (ACLU), which obtained a trove of internal agency records.

The documents acquired by the ACLU show that Ice obtained access to a database with license plate information collected in dozens of counties across the United States – data that helped the agency to track people’s locations in real time. Emails revealed that police have also informally given driver information to immigration officers requesting those details in communications that the ACLU said appeared to violate local laws and Ice’s own privacy rules.

When the agency takes the formal, contracted path to ALPR data, it's running through two third parties: Vigilant, the leading manufacturer of plate readers, and Thomson Reuters, a multimedia conglomerate that has added data brokering to its portfolio of journalistic endeavors.

The original proposal limited ICE's access to the 50 biggest metropolitan areas. That's a lot of ground already, but the agreement allows local law enforcement in other areas to give ICE permission to browse their end of the Vigilant database. Not that it ultimately matters. Vigilant doesn't seem to worry too much about siloing off data. Most law enforcement agencies are sharing data with lots of other agencies already, so intermingling is an inevitability.

It also appears there's no expiration date on a lot of the data ICE is accessing. According to the documents, over 9,000 ICE agents have access to years of plate/location data, allowing them to reconstruct people's movements over a long period of time.

Whatever restrictions exist on ICE's access to Vigilant databases are easily avoided.

Emails showed that a police detective in Orange county, California, repeatedly conducted database searches in response to requests from an Ice specialist in criminal investigations. The two appear to have worked together frequently over several years, with the Ice employee providing details of the immigration investigations (such as information from a target’s Facebook page) and the local detective responding with license plate information.

“I am here for ya. :),” the detective wrote in one email to Ice, which included a report. In another exchange, after the Ice officer said “hate to ask” for more reports, the detective responded: “Come on, you don’t really hate to ask.. :).”

As the ACLU points out, these informal requests allow ICE to bypass the internal processes that are supposed to ensure access to this wealth of plate/location data is justified. The communications contained in these documents show ICE repeatedly ignoring these requirements.

At this point, everything will have to be fixed in post. Cops have been utilizing plate readers for years and Vigilant has been storing the billions of plate records generated every year for just as long. The DHS never needed to build a national license plate/location database. One was being built while it put on its little charade about respecting rights and citizens' freedom to move around the country without being surveilled.

The ACLU is demanding legislators enact more privacy protections for this data and engage in some actual oversight, but that ship has been sailing for years. ICE's access was an inevitability. It enacted privacy protections just so it could ignore them by asking local law enforcement to perform database searches. And it was all sold to the public with assurances ALPR tech would hunt down car thieves, kidnappers, and violent criminals. In reality, it's being used to track people who've overstayed their visas.

06 Mar 23:50

The NSA Appears To Have Shut Down Its Bulk Collection Of Phone Records

by Tim Cushing

The program considered so "essential" NSA defenders said it couldn't even be slightly modified is apparently no longer in use. During a recent Lawfare podcast, national security advisor Luke Murry dropped a bit of a bombshell. Charlie Savage summarizes Murry's comments:

The National Security Agency has quietly shut down a system that analyzes logs of Americans’ domestic calls and texts, according to a senior Republican congressional aide, halting a program that has touched off disputes about privacy and the rule of law since the Sept. 11 attacks.

[...]

Mr. Murry brought up the pending expiration of the Freedom Act, but then disclosed that the Trump administration “hasn’t actually been using it for the past six months.”

“I’m actually not certain that the administration will want to start that back up,” Mr. Murry said.

Murry is referring to the Section 215 bulk data collection. Exposed by the Snowden leaks, Section 215 was modified by the USA Freedom Act, which went into effect June 2015. The biggest modification was where the records were stored. The NSA could no longer collect all phone records from providers and search through the data at its leisure. Instead, it had to provide telcos with lists of targeted numbers. The data remained in the hands of service providers, with the NSA only having access to suspicion-supported phone records.

The alterations to the Section 215 program resulted in the NSA purging a bunch of records that didn't fit the new parameters. The NSA finally let go of a few of its haystacks, conveniently destroying records integral to multiple lawsuits against the agency. The USA Freedom Act modifications -- combined with the NSA's long history of abusing its collection authorities -- seem to have made it impossible for the NSA to continue utilizing its phone records collection program.

The bulk records collection is now in the hands of telcos, resulting in a slimmed-down dataset the NSA didn't seem particularly enthused to have. Apparently the program is as useless as critics have said it is. The NSA has gone at least six months without asking for data via this authority. This program is due for renewal at the end of this year, but the comments made to Lawfare suggest the NSA may be content to let it expire.

Marcy Wheeler suggests a few underlying motivations for the NSA's abandonment of the Section 215 collection -- and one might be the Supreme Court's extension of Fourth Amendment protections to cell site location info.

[This] suggests that the problem with the records may not be the volume or the content turned over, but some problem created either by the specific language of the law or (more likely) the House Report on it or by the Carpenter decision. Carpenter came out on June 22, so technically after the NSA claims to have started deleting records on May 23. It also may be that the NSA realized something was non-compliant with its collection just as it was submitting the 6th set of 180-day applications, and didn’t want to admit to the FISC that it had been breaking the law (which is precisely what happened in 2011 when the government deleted all its PRTT records).

Wheeler says the NSA may have been asking for location data as well to better track the phones it targeted. The IC may have seen the writing on the third-party wall following the Supreme Court's oral arguments in November 2017. This may account for its plug-pulling a month ahead of the decision's release.

Or it may be something far less respectful of the Constitution. It could be the NSA has found another way to collect this same data without having to run it by the newly-adversarial FISA court. As Wheeler points out, Section 215 may have been restricted but the powers granted by Executive Order 12333 continue to expand.

Whatever the real motivation, it appears the domestic surveillance program that never prevented a terrorist attack will continue to never prevent terrorist attacks. The upside is we may not be throwing any more tax dollars at a national security program that adds nothing to our nation's security.

06 Mar 00:25

MIT's New Mini Cheetah Robot Can Perform Backflips, Ruin Your Day

This is a video demonstration of MIT's new Mini Cheetah headless quadruped robot: a smaller, 20-pound version of their non-mini Cheetah robot previously seen HERE and HERE . What can it do? KILL. Plus trot over rugged terrain at twice the average human's walking speed, sidestep, walk diagonally and in spirals, and do backflips so it can flip over your head and attack from the rear. It can also swivel its legs to either walk right-side up OR upside-down, so if you thought flipping it on its back like a Koopa Troopa was going to save you, you were wrong and you are dead now. *stamps F on forehead* This concludes your robot apocalypse survival simulation. It'll be another $80 to take the test again, but you will receive a holographic sticker if you pass. Keep going for the video demonstration, the very end of which is a bunch of crash and burns.
Thanks again to Ochre, who agrees it's time to ice the cake and wrap up this human party.
05 Mar 21:03

Android TV bug might have revealed your private Google Photos to other users

by Tyler Lee

Most TVs these days come with a screensaver feature that by default, usually displays some kind of scenery designed to show off how vivid the TV looks. Usually, these screensavers can be customized, such as in the case with Android TV where users can link their Google Photos to their devices and use those photos as screensavers.

Unfortunately for Android TV users, those photos that you assumed were private might not have been so private after all. A user on Twitter by the name of Prashanth discovered that through the Google Home app, he could see a massive list of accounts belonging to other users who use the same television model.

In addition to that, he also found that he could access photos that they added to their Google Photos album. This means that in theory, someone could have used your photos as their Android TV’s screensaver without your knowledge. Now there are some conflicting reports on that front as some claim that this doesn’t work, so it is unclear if this was a one-time thing for the user who discovered the bug, or if it might vary from user to user.

Thankfully Google is aware of the issue and has temporarily disabled the ability to view photos from Google Photos on Android TV until they can get a fix out. They have also issued a statement on the matter:

“We take our users’ privacy extremely seriously. While we investigate this bug, we have disabled the ability to remotely cast via the Google Assistant or view photos from Google Photos on Android TV devices.”

Source: Twitter (via XDA Developers)

05 Mar 21:01

Big Win For Open Access, As University Of California Cancels All Elsevier Subscriptions, Worth $11 Million A Year

by Glyn Moody

As Techdirt has reported over the years, the move to open access, whereby anyone can read academic papers for free, is proving a long, hard journey. However, the victories are starting to build up, and here's another one that could have important wider ramifications for open access, especially in the US:

As a leader in the global movement toward open access to publicly funded research, the University of California is taking a firm stand by deciding not to renew its subscriptions with Elsevier. Despite months of contract negotiations, Elsevier was unwilling to meet UC's key goal: securing universal open access to UC research while containing the rapidly escalating costs associated with for-profit journals.

In negotiating with Elsevier, UC aimed to accelerate the pace of scientific discovery by ensuring that research produced by UC's 10 campuses -- which accounts for nearly 10 percent of all U.S. publishing output -- would be immediately available to the world, without cost to the reader. Under Elsevier's proposed terms, the publisher would have charged UC authors large publishing fees on top of the university's multi-million dollar subscription, resulting in much greater cost to the university and much higher profits for Elsevier.

The problems faced by the University of California (UC) are the usual ones. The publishing giant Elsevier was willing to move to an open access model -- but only if the University of California paid even more on top of what were already "rapidly escalating costs". To its credit, the institution instead decided to walk, depriving Elsevier of around $11 million a year (pdf).

But that's not the most important aspect of this move. After all, $11 million is small change for a company whose operating profit is over a billion dollars per year. What will worry Elsevier more is that the University of California is effectively saying that the company's journals are not so indispensable that it will sign up to a bad deal. It's the academic publishing equivalent of pointing out that the emperor has no clothes.

The University of California is not the first academic institution to come to this realization. National library consortiums in Germany, Hungary and Sweden have all made the same decision to cancel their subscriptions with Elsevier. Those were all important moves. But the University of California's high-profile refusal to capitulate to Elsevier is likely to be noted and emulated by other US universities now that the approach has been validated by such a large and influential institution.

As to where researchers at the University of California (and in Germany, Hungary and Sweden) will obtain copies of articles published in Elsevier titles that are no longer available to them through subscriptions -- UC retains access to older ones -- there are many other options. For example, preprints are increasingly popular, and circulate freely. Contacting the authors directly usually results in copies being made available, since academics naturally want their papers read as widely as possible.

And then, of course, there is Sci-Hub, which now claims to provide access to 70 million articles. Researchers that end up at Sci-Hub in search of a hard-to-find item may well discover how much more convenient it is than the traditional subscription services that impose strict controls on access to publications. The risk for Elsevier is that once researchers get a taste of quick, seamless access to everything, they may never want to go back to the old system, however much the company slashes its prices to win back business.

23 Feb 18:23

Cyber-Mercenary Groups Shouldn't be Trusted in Your Browser or Anywhere Else

by Cooper Quintin

DarkMatter, the notorious cyber-mercenary firm based in the United Arab Emirates, is seeking to become approved as a top-level certificate authority in Mozilla’s root certificate program. Giving such a trusted position to this company would be a very bad idea. DarkMatter has a business interest in subverting encryption, and would be able to potentially decrypt any HTTPS traffic they intercepted. One of the things HTTPS is good at is protecting your private communications from snooping governments—and when governments want to snoop, they regularly hire DarkMatter to do their dirty work.

Membership in the root certificate program is the way in which Mozilla decides which certificate authorities (CAs) get to have their root certificates trusted in Firefox. Mozilla’s list of trusted root certificates is also used in many other products, including the Linux operating system. 

Browsers rely on this list of authorities, which are trusted to verify and issue the certificates that allow for secure browsing, using technologies like TLS and HTTPS. Certificate Authorities are the basis of HTTPS, but they are also its greatest weakness. Any of the dozens of certificate authorities trusted by your browser could secretly issue a fraudulent certificate for any website (such as google.com or eff.org). A certificate authority (or other organization, such as a government spy agency) could then use the fraudulent certificate to spy on your communications with that site, even if it is encrypted with HTTPS. Certificate Transparency can mitigate some of the risk by requiring public logging of all issued certificates, but is not a panacea.
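
The mitigation mentioned above, as an added example that is not part of the original article: because Certificate Transparency makes issuance public, a domain owner can scan log entries for certificates that cover their names but came from an issuer they never used. The log entries, the domain and the CA names below are constructed, and real entries would first have to be fetched and parsed from a CT log.

```python
from dataclasses import dataclass

# Assumption: the owner of example.org buys certificates from one CA only.
WATCHED_DOMAINS = {"example.org"}
EXPECTED_ISSUERS = {"Example Trust Services CA 1"}


@dataclass(frozen=True)
class LogEntry:
    """Simplified, constructed stand-in for a parsed CT log entry."""
    serial: str
    dns_names: tuple      # subjectAltName dNSName values
    issuer_chain: tuple   # issuing CA first, root last


def covers(san, domain):
    """True if a certificate name applies to `domain` or one of its subdomains."""
    san = san.lower().rstrip(".")
    domain = domain.lower().rstrip(".")
    if san.startswith("*."):
        san = san[2:]  # "*.example.org" is still a name under example.org
    # Require a label boundary so "notexample.org" and
    # "example.org.unrelated.test" do not count as matches.
    return san == domain or san.endswith("." + domain)


def unexpected_certificates(entries, watched=WATCHED_DOMAINS,
                            expected=EXPECTED_ISSUERS):
    """Return one finding per logged certificate that covers a watched
    domain but was issued by a CA outside the expected set."""
    findings = []
    for entry in entries:
        hits = sorted({d for d in watched
                       for san in entry.dns_names if covers(san, d)})
        if not hits:
            continue
        chain = entry.issuer_chain
        issuer = chain[0] if chain else "<unknown>"
        if issuer in expected:
            continue
        findings.append({
            "serial": entry.serial,
            "domains": hits,
            "issuer": issuer,
            # The root shows which trusted authority ultimately vouched.
            "root": chain[-1] if chain else "<unknown>",
        })
    return findings


# Constructed sample entries; none of these certificates or CAs exist.
CONSTRUCTED_ENTRIES = [
    # Issued by the CA the owner actually uses.
    LogEntry("01", ("example.org", "www.example.org"),
             ("Example Trust Services CA 1", "Example Trust Root")),
    # Issued by an intermediate CA that chains to the same root.
    LogEntry("02", ("login.example.org",),
             ("Constructed Intermediate CA", "Example Trust Root")),
    # Wildcard issued directly by a different trusted root.
    LogEntry("03", ("*.example.org",), ("Another Constructed Root CA",)),
    # Look-alike names that are not under the watched domain.
    LogEntry("04", ("example.org.unrelated.test", "notexample.org"),
             ("Another Constructed Root CA",)),
    # Same domain with different case and a trailing dot, expected issuer.
    LogEntry("05", ("EXAMPLE.ORG.",),
             ("Example Trust Services CA 1", "Example Trust Root")),
]

if __name__ == "__main__":
    for finding in unexpected_certificates(CONSTRUCTED_ENTRIES):
        print("serial {serial}: {domains} issued by {issuer} "
              "(root: {root})".format(**finding))
```

A finding means the certificate already exists, so this check detects mis-issuance after the fact rather than preventing it.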

The companies on your browser’s trusted CA list rarely commit such fraud, since not issuing malicious certificates is the foremost responsibility for a certificate authority. But it can and does still happen. The concern in this case is that DarkMatter has made its business spying on internet communications, hacking dissidents’ iPhones, and other cyber-mercenary work. DarkMatter’s business objectives directly depend on intercepting end-user traffic on behalf of snooping governments. Giving DarkMatter a trusted root certificate would be like letting the proverbial fox guard the henhouse.

Currently, the standard for being accepted as a trusted certificate authority in the browser is a technical and bureaucratic one. For example, do the organization's documented practices meet the minimum requirements? Can the organization issue standards-compliant certificates? Dark Matter will likely meet those standards, eventually. But the standards don’t take into account an organization’s history of trying to break encryption, or its conflicts of interest.

Other organizations have used this fact to game the system in the past and worm their way into our browsers. In 2009, Mozilla allowed CNNIC, the Chinese state certification authority, into the root CA program, after CNNIC assured Mozilla and the larger community that it would not abuse this power to create fake certificates and break encryption. In 2015 CNNIC was caught in a scandal when an intermediate CA authorized by CNNIC issued illegitimate certificates for several Google-owned domains. Google, Mozilla, and others quickly revoked CNNIC’s authority in their browsers and operating systems after learning about the breach of trust. CNNIC is not the only example of this. In 2013 Mozilla considered dropping the Swedish company Teliasonera after accusations that it had helped enable government spying. Teliasonera ultimately did not get dropped, but it continues to have security problems to this day.

DarkMatter was already given an "intermediate" certificate by another company, called QuoVadis, now owned by DigiCert. That's bad enough, but the "intermediate" authority at least comes with ostensible oversight by DigiCert. Without that oversight, the situation will be much worse. We would encourage Mozilla and others to revoke even this intermediate certificate, given DarkMatter's known practices subverting internet security.

Mozilla and other root certificate database maintainers (Microsoft, Google, and Apple) should not trust Dark Matter as a root certificate authority. To do so would not only give Dark Matter, a company which has repeatedly demonstrated their interest in breaking encryption, enormous power; it would also open the door for other cyber-mercenary groups, such as NSO Group or Finfisher, to worm their way in as well.

We encourage everyone concerned about Dark Matter being included in the Mozilla trust database to make your feelings known on Mozilla’s security policy mailing list.

21 Feb 15:27

Fatal Houston PD Drug Raid Apparently Predicated On Drugs A Cop Had Stashed In His Car

by Tim Cushing

The ugly Houston PD drug raid that resulted in four injured officers and two dead "suspects" just keeps getting uglier.

Officers swore a confidential informant purchased heroin from 59-year-old Dennis Tuttle in the house he shared with his wife of 21 years, Rhogena Nicholas. They swore the CI told them the house was filled with heroin packaged for purchase.

On the strength of this confidential informant's claims, officers obtained a no-knock warrant and raided Tuttle's house. The officers claimed Tuttle opened fire on them and that his wife tried to grab a shotgun from a downed officer. This was the supposed reason for the SWAT team's killing of Tuttle and Nicholas.

This was the narrative everyone was given. Not a single officer was wearing a body cam, despite the department possessing dozens of them. The only footage that survived -- captured by a neighbor's security camera -- was confiscated by the Houston PD.

Even in this vacuum of information, the PD's narrative quickly fell apart. No large amounts of heroin were found during the raid -- just personal use quantities of heroin cocaine and marijuana. The inventory also included a few guns, which the PD has treated as inherent evidence of criminality despite the fact both Tuttle and his wife could legally own the weapons found in the house. The only criminal history either of them had was an old misdemeanor charge for a bad check.

Now that the PD's investigation into this raid is underway, it's becoming clear the official narrative -- a daring no-knock raid that took out dangerous heroin dealers -- isn't going to survive. The new narrative already includes multiple lies by police officers and a lot of supporting evidence.

First off, the raid inventory does not include the weapon officers claimed Tuttle fired at them.

The other four items in the inventory are guns: a 20-gauge Beretta ALS shotgun, a 12-gauge Remington 1100 shotgun, a Remington 700 bolt-action rifle, and a .22-caliber Winchester 190 semi-automatic rifle. The list does not include the .357 Magnum revolver that police say Tuttle fired at the officers who broke into his home, shot his dog, and killed his wife.

It also doesn't include the money the CI paid for the heroin or the weapon he claimed Tuttle was carrying.

Nor does it mention the 9mm semi-automatic handgun that the C.I. supposedly saw in the house the day before, which apparently disappeared along with the heroin and the money.

The PD also claimed the investigation was initiated by an anonymous call claiming the couple were selling drugs from their house. Since that initial press salvo by Chief Art Acevedo, information has come out indicating the "tip" was neither anonymous nor did it reference drug dealing.

A 911 call from the mother of now-deceased suspect Rhogena Nicholas put 7815 Harding Street on police radar. Sources close to the investigation say her mother called reporting the 58-year-old was doing drugs inside her own home.

It only gets worse. According to statements from officers now under investigation, it appears the Houston PD raided a house, shot a dog, and killed two people over drugs a police officer had stashed in his vehicle. (As is pointed out in the comments, the current version of the Chronicle's article has reworded these two paragraphs slightly. Here's a link to an archived version containing this pull quote.)

In the original warrant - the one used to justify the raid - [Officer Gerald] Goines wrote that he watched the buy and, along with Bryant, identified the substance as heroin. But when investigators went back to talk to [Officer Steven] Bryant, he admitted that he'd actually just retrieved two bags of heroin from the center console of Goines' car, at the instruction of another officer.

Though he then took the two bags of drugs for testing to determine that they were heroin, he eventually admitted that he had never seen the narcotics in question before retrieving them from the car. That, the investigator noted, contradicts the search warrant affidavit filed before the raid, which indicates that Bryant "recognized the substance purchased by the CI as heroin."

This is absolutely terrifying. Investigators can't seem to locate the informant both officers claimed was a reliable source of intel, which suggests this person -- relied on in other Houston PD investigations -- doesn't even exist. None of the CIs interviewed by Houston investigators said they'd made the purchase detailed in the warrant affidavit.

How do citizens protect themselves against police officers willing to fabricate every aspect of an investigation in order to perform armed raids of their houses? Legally owning weapons means nothing when cops (and many courts) consider homeowners defending themselves from armed intruders a crime in and of itself. Two people are dead and no amount of late-arriving indictments is going to change that. Officers took a concerned mother's call about her daughter's drug use and turned it into a criminal conspiracy involving heroin and dangerous drug pushers armed to the teeth.

We have to grant law enforcement a massive amount of power in order for them to do their job. Time after time, they abuse the powers we've given them, wielding them like weapons against the same citizens they're supposed to answer to. Vast power has been paired with nearly nonexistent accountability to create an atmosphere where officers feel comfortable manufacturing evidence to support their adrenaline habits. This should be nightmare fuel for all Americans. Unfortunately, outside of those already attuned to the miserable state of American policing, this will appear to be nothing more than a couple of bad apples they can safely ignore.

18 Feb 15:56

5 web browser alternatives to Chrome and Firefox on Android

by Steve Raycraft

Chrome, Firefox, and Samsung Internet are great browsers for everyday users including myself. For most, these browsers have everything they need, from robust rendering systems and incognito browsing to great speed. However, if you’re curious about what other browsers may be available that offer different and unique features, here are a few lesser-known browsers that we think you should check out.

Kiwi Browser – Fast & Quiet

Kiwi is a new browser focusing on speed and security. The Kiwi browser uses the latest release of Chromium to ensure fast page loading on sites. One unique feature that this browser brings is that it’s the first Android browser that blocks hackers from using your device to mine crypto-currency. The Kiwi Browser also gives you the ability to go to m.facebook.com and use Facebook Messenger to chat with your friends without having to install the Facebook application. Pop-up ads can be annoying, but Kiwi includes a strong pop-up blocker.

CM Browser – Ad Blocker, Fast Download, Privacy

The CM Browser by Cheetah Mobile has a high focus on privacy and security. Adblocking software prevents unwanted popups while the antivirus engine protects you from malicious code. CM Browser lets you download videos you come across while you surf the web and even customize the download location. Downloads are scanned for malware with a background check, ensuring your device stays protected. Once you are done browsing the web and close the CM Browser app, all history data is removed.

Keepsafe Browser: Stay Private with a VPN & Vault

Privacy is important both on your device and when surfing the web. KeepSafe Browser is another app that understands this and includes protection while you browse. Set up a PIN or use your fingerprint to gain access to your browser and to keep unwanted guests from accessing the web. KeepSafe also blocks trackers and advertisers from gathering your information. The KeepSafe Browser also provides an additional level of security by natively including a VPN function helping minimize any potential hacks.

Puffin Web Browser

Puffin Browser is another browser that focuses on speed and security but handles it a little differently. Puffin shifts the page loading from the device to the cloud allowing faster webpage loading on your phones or tablets. As a result, traffic between the Puffin app and server is secure so you can safely use public wifi locations without any security concerns. The Puffin Browser also uses the latest release of Javascript and Flash. Theater mode lets you watch or play Flash games with minimal distraction.

Firefox Focus: The privacy browser

Firefox Focus is Mozilla’s privacy-focused browser. As with other browsers, Firefox Focus blocks numerous ad, analytics, and social trackers attempting to collect your browsing habits and data. You can easily remove your history, passwords, and cookies for improved browsing privacy. “Focus is next-level privacy that’s free, always on and always on your side — because it’s backed by Mozilla, the non-profit that fights for your rights on the Web.”

17 Feb 15:25

Android’s pre-installed apps will soon update automatically, skipping Play Store login

by Tyler Lee

Software typically evolves through updates, where competent developers try to improve upon their apps by changing up the UI, introducing new features, and so on. However if users can’t be bothered to update them, then what the developer is trying to achieve through its software updates will fall through.

This is why Google has been sending out emails to developers to let them know that they are planning on testing out a feature where pre-installed Android system apps will automatically update themselves. This will happen even if the user is not signed into their Google account on their phone. According to Google:

“In the coming months, Google Play will begin testing a new feature that will automatically allow Google Play to update pre-loaded apps for users who didn’t sign in to a Google account. Users have the ability to turn off this feature at any time if they wish.

This new feature will provide users with a more consistent app experience across many devices and will allow them to access the best and newest features provided by developers. This should also help developers reduce overhead costs required to support obsolete app versions.”

This is said to be applicable on devices running on Android 5.0 Lollipop and higher. We’re not sure why users might have an Android phone that they aren’t signed into to begin with, but automatic updates could help deal with certain issues such as security, where a patch needs to be installed to close an exploit or vulnerability.

Source: PhoneArena

15 Feb 17:07

Google Voice going incognito: will soon allow users to mask their caller ID

by Tyler Lee

These days with privacy being such a hot topic, and with social media platforms playing hard and loose with our personal information for their own gain, there is a greater emphasis placed on protecting our privacy more so than ever. The good news is that if you use Google Voice, Google will be giving users the option to help mask their caller ID.

In the latest version of Google Voice for Android, it has been discovered that the code of the app contains strings that reference the ability for users to enable “Anonymous Caller ID” and “Hide your caller ID on outgoing calls”. This suggests that users will be able to turn this feature on and hide their caller IDs when making outgoing phone calls.

Now the ability to mask your caller ID using Google Voice (or other carriers) isn’t exactly a new feature as all users need to do is append *67 in front of a number. However with this new feature, users will be able to continuously mask their caller ID when making calls using Google Voice, plus it will be a nifty feature for users who weren’t aware of the *67 feature before that either.

While this will help mask your caller ID, there is a downside to doing so and that is there are some people who refuse to answer calls from anonymous callers or numbers they don’t know, so that’s something to take into consideration if you are planning on using this feature.

Source: 9to5Google

12 Feb 19:42

Minnesota Judges Spent Only Minutes Approving Warrants Sweeping Up Thousands Of Cellphone Users

by Tim Cushing

Tony Webster, writing for MPR News, has obtained court documents showing Minneapolis, Minnesota law enforcement agencies are deploying "reverse warrants" in hopes of tying suspects to crime scenes. A normal warrant targets a known object. Reverse warrants are loaded with unknowns -- an attempt to wrangle cell site location info into something that might lead police to a suspect. That's what these agencies are trying to do, but the approved warrants guarantee a sizable number of non-criminals will be swept up in the data haul.

Knowing the Silicon Valley giant held a trove of consumer mobile phone location data, investigators got a Hennepin County judge to sign a "reverse location" search warrant ordering Google to identify the locations of cellphones that had been near the crime scene in Eden Prairie, and near two food markets the victims owned in Minneapolis and St. Paul.

The scope of the warrant was so expansive in time and geography that it had the potential to gather data on tens of thousands of Minnesotans.

This new brand of warrant was first spotted last spring. Later that year, it was confirmed the feds were also using reverse warrants. These warrants are becoming more common, urged on by a private company pitching investigative methods and tools to law enforcement agencies.

[Brooklyn Park Deputy Police Chief Mark] Bruley said detectives learned about the potential value of the practice and how to write the warrant applications at an August training seminar held by ZetX, an Arizona-based company that teaches police about cellphone investigations, and sells software called TRAX that generates legal documents and maps cellphone data to assist in analysis. The company holds trainings all across the country.

[...]

The week after detectives attended the ZetX training in the Twin Cities, they wrote up their first three reverse location search warrants. By the next month, they had a dozen, each ordering Google to turn over information on devices located in the vicinity of crimes.

The warrants [PDF] demand Google turn over a bunch of data on every phone that happened to wander into a geofenced area around the time a crime was committed.

This warrant is directed to Google LLC, headquartered at 1600 Amphitheatre Parkway, Mountain View, California, and applies to (1) GPS, WiFi, Bluetooth or cellular sourced location history data generated from devices that reported a location within the geographical region bounded by the following latitudinal and longitudinal coordinates, dates, and times ("Initial Search Parameters")...

[...]

For each location point recorded within the Initial Search Parameters, Google shall produce anonymized information specifying the corresponding unique device ID, timestamp, coordinates, display radius, and data source, if available (the "Anonymized List").

As Webster notes, the warrants likely don't give judges any idea how many people will be swept up in these data requests. The warrants contain GPS coordinates but no map of the area covered. It's unlikely a judge can visualize the area covered just by looking at four coordinates. Judges may be able to enter those points into Google Maps to get some idea how much area is covered, but it doesn't appear any of the judges approached did anything more than briefly browse the warrants before signing them.

Here's how long it took to approve one requested by the Brooklyn Park PD:

No map was provided in the application to illustrate the area or accuracy level to the judge. This warrant was also issued within about 10 minutes of the detective requesting it.

Things moved even faster for Edina investigators:

About four minutes after the detective signed the application — which included no map of the targeted area — the judge approved it.

Webster has provided the maps the police wouldn't, which illustrate exactly how big an area is being covered by these reverse warrants.

Given the scope of the area covered and the imprecise nature of location data, each warrant has the potential to generate a ton of false positives -- people who happen to live, work, or travel through these busy areas. If a map had been provided, there's a good chance judges would have taken a little longer considering these requests.

Or not.

Of the 22 reverse location search warrants issued in Hennepin County, only three times did the warrant applications include a map demonstrating the geographic area being targeted by the warrant. And yet, the time difference between an officer signing a warrant request, and a judge approving it, was sometimes just a few minutes.

There's not a lot of good news from the law enforcement perspective either. Most of the reverse warrants failed to generate possible suspects. They didn't generate false positives either, so that's a (very limited) plus. But I don't think a lack of success will deter investigators from seeking these warrants. Reverse warrants allow officers to perform a virtual canvassing of the neighborhood for possible suspects without expending much in the way of time or manpower.

Google appears to be pushing back when requests are excessive. This is all well and good, but Google's a one-stop shop for law enforcement thanks to its expansive data harvesting over the years. The initial pushback should be coming from judges, not the private sector. When it's up to a data-hungry megacorp to provide the first layer of protection for cellphone users' privacy, the judicial system is failing to do its job.
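To make the scale and precision problem concrete, the following added example (not from the article or the warrants) computes the ground area of a four-coordinate geofence and sorts location points by whether their display radius keeps them inside it. The fence corners, device IDs and points are constructed sample values, and the class and function names are illustrative.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000.0                      # mean Earth radius
M_PER_DEG_LAT = math.pi * EARTH_RADIUS_M / 180.0  # about 111.2 km per degree


@dataclass(frozen=True)
class GeoFence:
    """Latitude/longitude rectangle, the shape four corner coordinates describe.
    Assumes the box does not cross the antimeridian."""
    south: float
    west: float
    north: float
    east: float

    def area_km2(self) -> float:
        # Spherical area of a lat/lon box: R^2 * dLon * (sin(north) - sin(south)).
        d_lon = math.radians(self.east - self.west)
        band = math.sin(math.radians(self.north)) - math.sin(math.radians(self.south))
        return EARTH_RADIUS_M ** 2 * d_lon * band / 1e6

    def contains(self, lat: float, lon: float) -> bool:
        return self.south <= lat <= self.north and self.west <= lon <= self.east

    def margin_m(self, lat: float, lon: float) -> float:
        """Metres from a point inside the fence to the nearest fence edge."""
        m_per_deg_lon = M_PER_DEG_LAT * math.cos(math.radians(lat))
        return min(
            (lat - self.south) * M_PER_DEG_LAT,
            (self.north - lat) * M_PER_DEG_LAT,
            (lon - self.west) * m_per_deg_lon,
            (self.east - lon) * m_per_deg_lon,
        )


@dataclass(frozen=True)
class LocationPoint:
    """One record with the fields the warrant text lists."""
    device_id: str
    timestamp: str
    lat: float
    lon: float
    display_radius_m: float
    source: str


def classify(fence: GeoFence, p: LocationPoint) -> str:
    """'not_produced': reported point lies outside the fence.
    'inside': the whole uncertainty circle fits within the fence.
    'uncertain': the point is reported inside, but the circle crosses an edge,
    so the device may never have been in the area at all."""
    if not fence.contains(p.lat, p.lon):
        return "not_produced"
    if p.display_radius_m <= fence.margin_m(p.lat, p.lon):
        return "inside"
    return "uncertain"


def sweep(fence: GeoFence, points) -> dict:
    """Map each device ID to its classification."""
    return {p.device_id: classify(fence, p) for p in points}


# Constructed sample data, not taken from any warrant.
FENCE = GeoFence(south=45.0000, west=-93.0200, north=45.0100, east=-93.0000)
POINTS = [
    LocationPoint("dev-A", "2019-01-01T12:00Z", 45.0050, -93.0100, 15.0, "GPS"),
    LocationPoint("dev-B", "2019-01-01T12:01Z", 45.0002, -93.0100, 800.0, "CELL"),
    LocationPoint("dev-C", "2019-01-01T12:02Z", 45.0200, -93.0100, 20.0, "GPS"),
    LocationPoint("dev-D", "2019-01-01T12:03Z", 45.0095, -93.0005, 60.0, "WIFI"),
]

if __name__ == "__main__":
    print(f"fence covers {FENCE.area_km2():.2f} km^2")
    for device, verdict in sweep(FENCE, POINTS).items():
        print(device, verdict)
```

A box only 0.01 by 0.02 degrees already covers well over a square kilometre, and the cell-sourced point is returned even though its display radius is larger than the fence is tall.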



12 Feb 01:46

Report Shows ICE Almost Never Punishes Contractors Housing Detainees No Matter How Many Violations They Rack Up

by Tim Cushing

ICE continues to make its own case for abolishment. The agency busies itself with neglecting detainees when not acting as the extension of major corporations to shut down infringing panties/websites. ICE is too big and it's getting bigger at a rate it can't sustain. To achieve the ends the President has set down for it, it's wearing itself thin trying to find the dangerous immigrants Trump keeps talking about or the bound-and-gagged women he insists are being brought across the border by the truckload.

It seemingly doesn't have the manpower to even capture just dangerous foreigners. Instead of using its resources more carefully, it's doing things like setting up fake colleges to capture dangerous criminals immigrants seeking educational opportunities. And it's continuing to outsource its responsibilities while taking an apparent hands-off approach to third party detention.

ICE's Inspector General released a report last summer stating the agency was failing to inspect detention facilities often enough or well enough. It found contractors performing government work were doing the job poorly. Detainees weren't being interviewed properly or given translators to overcome speech barriers. In some cases, detention personnel were not giving detainees access to services like phone calls to the ICE officers handling their cases. In some facilities, dangerous detainees were intermingled with non-criminals. In almost every case, ICE issued a waiver for deficiencies it actually observed. As far as the OIG could tell, dozens of deficiencies went unnoticed thanks to ICE's inability (or unwillingness) to perform mandatory inspections.

There's more bad news coming from the OIG's office about ICE's use of contractors to handle detainees. The latest report [PDF] delves into ICE's apparent unwillingness to hold anyone accountable. ICE can't be trusted to police itself, so it obviously can't be trusted to police its contractors.

This is the Inspector General's ultra-dry summary of the problems it discovered:

ICE does not adequately hold detention facility contractors accountable for not meeting performance standards. ICE fails to consistently include its quality assurance surveillance plan (QASP) in facility contracts. The QASP provides tools for ensuring facilities meet performance standards. Only 28 out of 106 contracts we reviewed contained the QASP.

That's only the beginning of it. From this missing paperwork, ICE moves even further away from anything resembling accountability. As was detailed in the last report, the IG points out ICE's "solution" to the few deficiencies it does decide to do anything about is the issuance of waivers, which magically make deficiencies acceptable protocol. ICE calls this a "multilayered" approach. The IG calls it nonexistent.

Between October 1, 2015, and June 30, 2018, ICE imposed financial penalties on only two occasions, despite documenting thousands of instances of the facilities’ failures to comply with detention standards. Instead of holding facilities accountable through financial penalties, ICE issued waivers to facilities with deficient conditions, seeking to exempt them from having to comply with certain detention standards. However, ICE has no formal policies and procedures about the waiver process and has allowed officials without clear authority to grant waivers. ICE also does not ensure key stakeholders have access to approved waivers.

To be more precise, ICE only imposed financial penalties twice, despite observing a jaw-dropping 14,003 deficiencies over the course of three years. ICE is blowing taxpayer money and expecting nothing in return. What's detailed in this report -- along with the IG release from last year -- is an agency repeatedly abusing the public's trust.

Our review of the corresponding payment data identified about $3.9 million in deductions, representing only 0.13 percent of the more than $3 billion in total payments to contractors during the same timeframe. ICE did not impose any withholdings during this timeframe.

When the agency whitewashes bad behavior by contractors, there's no paper trail. There's no follow up. And everyone involved seems to have no idea what's going on other than no one's going to be held responsible for their actions.

We analyzed the 68 waiver requests submitted between September 2016 and July 2018. Custody Management approved 96 percent of these requests, including waivers of safety and security standards.

Despite this high approval rate, ICE could not provide us with any guidance on the waiver process. Key officials admitted there are no policies, procedures, guidance documents, or instructions to explain how to review waiver requests. The only pertinent documents that ICE provided were examples of memoranda that Field Office Directors could use to request waivers of the detention standards’ provisions on strip searches. However, the memoranda did not acknowledge the important constitutional and policy interests implicated by a facility’s use of strip searches. ICE officials did not explain how Custody Management should handle such waiver requests when a contrary contractual provision requires compliance with a strip search standard.

ICE is handing out waivers for private companies to violate Constitutional protections afforded to detainees. These waivers are almost always indefinite. Each waiver is supposed to be followed up on to ensure the "deficiency" has been eliminated by the contractor. ICE has performed zero reviews or reassessments of these waivers.

The waivers have approved unconstitutional strip searches, as detailed above. They've also approved the commingling of violent criminals in general population, and the use of a chemical ten times more toxic than pepper spray to subdue detainees. As the report notes, detainees are being seriously harmed by the lax standards deployed by contractors, and ICE's response has been to shrug and issue waivers.

ICE is an active partner in the dehumanizing of immigrants, allowing private contractors to treat the human beings they're supposed to be taking care of like pieces of meat to be exchanged for cash. It's no better than ICE treats detainees itself, but a federal agency should be ensuring its very existence isn't a cancerous growth on the soul of this nation.



11 Feb 23:58

SS7 Cellular Network Flaw Nobody Wants To Fix Now Being Exploited To Drain Bank Accounts

by Karl Bode

Back in 2017, you might recall how hackers and security researchers highlighted long-standing vulnerabilities in Signaling System 7 (SS7, or Common Channel Signalling System 7 in the US), a series of protocols first built in 1975 to help connect phone carriers around the world. While the problem isn't new, a 2016 60 Minutes report brought wider attention to the fact that the flaw can allow a hacker to track user location, dodge encryption, and even record private conversations. All while the intrusion looks like ordinary carrier to carrier chatter among a sea of other, "privileged peering relationships."

Telecom lobbyists have routinely tried to downplay the flaw after carriers have failed to do enough to stop hackers from exploiting it. In Canada for example, the CBC recently noted how Bell and Rogers weren't even willing to talk about the flaw after the news outlet published an investigation showing how, using only the number of his mobile phone, it was possible to intercept the calls and movements of Quebec NDP MP Matthew Dubé.

But while major telecom carriers try to downplay the scale of the problem, news reports keep indicating how the flaw is abused far more widely than previously believed. This Motherboard investigation by Joseph Cox, for example, showed how, while the attacks were originally only surmised to be within the reach of intelligence operators (perhaps part of the reason intelligence-tied telcos have been so slow to address the issue), hackers have increasingly been using the flaw to siphon money out of targets' bank accounts, thus far predominately in Europe:

"In the case of stealing money from bank accounts, a hacker would typically first need a target’s online banking username and password. Perhaps they could obtain this by phishing the target. Then, once logged in, the bank may ask for confirmation of the transfer by sending the account owner a verification code in a text message. With SS7, the hackers can intercept this text and enter it themselves. Exploiting SS7 in this way is a way to circumvent the protections of two-factor authentication, where a system not only requires a password, but something else too, such as an extra code."

Again the flaw isn't new; a group of German hackers widely demonstrated the vulnerability in 2008 and again in 2014. It's believed that the intelligence community has known about the vulnerability even earlier, and the hackers note that only modest headway has been made since German hacker Karsten Nohl first demonstrated it. Some mitigation efforts have been put into place, but not quickly or uniformly enough to constrain the exploitation of the flaw:

"The fundamental issue with the SS7 network is that it does not authenticate who sent a request. So if someone gains access to the network—a government agency, a surveillance company, or a criminal—SS7 will treat their commands to reroute text messages or calls just as legitimately as anyone else’s. There are protections that can be put in place, such as SS7 firewalls, and ways to detect certain attacks, but room for exploitation remains."

Senator Ron Wyden wrote to the FCC (pdf) in May of last year stating the agency hadn't done enough to pressure carriers into fixing the problem, but nothing much appears to have happened in the wake of that letter. Much like the cellular industry's location data scandals, it's likely going to take a few more high profile scandals to create enough momentum to drive actual change.
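As an added illustration of the filtering the quoted passage mentions (not code from the article or from any carrier), this simplified model shows two checks a signalling firewall can apply to an unauthenticated reroute request: an allow-list of known partner nodes and a travel-plausibility test. It does not parse real SS7 messages; the message fields, node labels, coordinates and speed limit are assumptions made for the example.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_KM = 6371.0


def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two points in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))


@dataclass(frozen=True)
class RerouteRequest:
    """Hypothetical stand-in for a signalling message asking the home network
    to deliver a subscriber's calls and texts via a different serving network."""
    subscriber: str   # constructed subscriber label
    origin_node: str  # node that sent the request; the network does not authenticate it
    lat: float        # rough location of the network the node claims to serve
    lon: float
    ts: float         # seconds since an arbitrary start


class SignallingFirewall:
    def __init__(self, partner_nodes, max_speed_kmh=1000.0):
        self.partner_nodes = set(partner_nodes)  # nodes known from roaming agreements
        self.max_speed_kmh = max_speed_kmh       # assumed ceiling, roughly an airliner
        self.last_accepted = {}                  # subscriber -> last accepted request

    def check(self, req):
        """Return (verdict, reason). State changes only when a request is allowed."""
        # Check 1: the sender must be a node we have a relationship with.
        if req.origin_node not in self.partner_nodes:
            return ("block", "unknown origin node")
        # Check 2: a known partner can still relay a forged request, so compare
        # the claimed move with where the subscriber was last accepted.
        prev = self.last_accepted.get(req.subscriber)
        if prev is not None:
            dist = distance_km(prev.lat, prev.lon, req.lat, req.lon)
            hours = (req.ts - prev.ts) / 3600.0
            if dist > 1.0 and (hours <= 0 or dist / hours > self.max_speed_kmh):
                return ("block", "implausible travel")
        # Limit of this check: a request that claims a nearby network from a
        # partner node passes, which is why room for exploitation remains.
        self.last_accepted[req.subscriber] = req
        return ("allow", "ok")


def evaluate(firewall, requests):
    """Run requests in order and collect the firewall's decisions."""
    return [firewall.check(r) for r in requests]


# Constructed sample traffic for one subscriber.
PARTNERS = {"node-home", "node-partner-near", "node-partner-far"}
SAMPLE = [
    RerouteRequest("sub-1", "node-home", 52.52, 13.40, 0),             # first sighting
    RerouteRequest("sub-1", "node-unknown", 52.52, 13.40, 60),         # not a partner
    RerouteRequest("sub-1", "node-partner-far", 40.71, -74.01, 600),   # ~6,400 km in 10 min
    RerouteRequest("sub-1", "node-partner-near", 53.55, 9.99, 7200),   # ~255 km in 2 h
]

if __name__ == "__main__":
    for req, (verdict, reason) in zip(SAMPLE, evaluate(SignallingFirewall(PARTNERS), SAMPLE)):
        print(f"{req.origin_node:18} {verdict:5} {reason}")
```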



09 Feb 02:57

(UPDATED) '50 Shades Of Maple Glen': Pennsylvania Home For Sale Comes Complete With 'Private Adult Sexual Oasis'

This is the $750,000 home recently listed for sale on Redfin located at 1612 Norristown Road in Maple Glen, Pennsylvania (15 miles outside Philadelphia) that comes complete with 5 bedrooms, 2.5 baths, a gourmet kitchen, billiard room, exercise room, 3 fireplaces, and, oh yeah, an adult kink room in the basement that includes *eyeing real estate photos* honestly I have no clue what I'm looking at or how to use it without having to call an ambulance. Some more info while I whip myself silly with a Twizzler:
Full finished walk-out basement w bilco doors, includes a gym or 5th bedroom and also is a private adult sexual oasis. It can be converted back to a typical suburban basement. Home currently is being offered as an Air B & B rental @maisonxs that gets $750 a night on weekdays & $2000 a night on the weekends for private parties or entertainment.
Ah yes, the ol' Airbnb sex basement. I wonder what the cleaning deposit is. Honestly, at first I thought maybe the home had just staged for a very specific type of buyer, but now I see it's actually been making money being rented for Eyes Wide Shut retreats. Soooo.... "Airbnb it before it's sold?" Exactly, but we'll have to use your account, I got banned for burning down a condo in Palm Springs. UPDATE: Video tour of basement added! Keep going for one more shot of the kink room and of the very unassuming exterior. Also, I thought the suit of armor in the corner was a nice touch to remind visitors that what happens in Maple Glen stays in Maple Glen.
Thanks to Joe M, who mentioned living only about an hour away from the house, but unfortunately didn't mention anything about going halfsies on it.
09 Feb 02:48

Trump expected to sign executive order banning Chinese equipment from US networks

by Nick Gray

A source close to the Trump administration claims that the President is planning to sign an executive order next week which would ban US network operators from using equipment built by Chinese companies. Politico is citing three different sources which all corroborate the same report. Analysts claim that there’s a big push by the administration to get the executive order signed before Mobile World Congress, which is scheduled for the last week of February, in an effort to send a clear message to the mobile industry that cybersecurity will be a priority for the US.

The reason behind the executive order is to ensure that the Chinese government doesn’t have a hand in building our 5G networks in the US. Huawei and ZTE are two of the leading network infrastructure players on the globe, but both companies have close ties to the Chinese government. While the US security services have not been able to provide any clear evidence that either of these companies has used its communications infrastructure around the globe for nefarious purposes, both have been on the hot seat recently for breaking trade embargoes, stealing trade secrets, fraud and a whole lot more.

Cutting out Huawei, ZTE and other companies from bidding on the massive 5G buildout here in the US will likely have a significant impact on the financials of these companies, but it will also increase the costs network providers will pay for their 5G deployment – a cost which will ultimately be pushed on to consumers.

Source: Politico

09 Feb 02:47

NYPD Sends Letter To Google Demanding It Remove Cop Checkpoint Notifications From Google Maps

by Tim Cushing

A few years after law enforcement officials claimed Google's Waze navigation app allowed cop killers to stalk cops, the NYPD is demanding Google alter one of its apps (Google Maps, which incorporates certain Waze features) so it works more like the NYPD wants it to work, rather than how drivers want it to work. Gersh Kuntzman of Streetsblog NYC was the first to obtain a copy of a cease-and-desist sent to Google by the NYPD.

The NYPD is demanding that Google remove a just-added feature to its omnipresent Maps program that tips off drivers to the locations of speed cameras, Streetsblog has learned.

Google added the speed camera notification as part of its effort to incorporate some of the crowd-sourced features of Waze, which the tech giant bought in 2013. The Waze app shows the locations of police checkpoints as well as what some drivers call “speed traps,” but what police believe are life-saving enforcement efforts.

The NYPD sent its “cease-and-desist” letter to Google over the weekend — after Streetsblog asked officials about the Waze feature that allows drivers to inform each other of police roadblocks.

The NYPD is upset because the new notifications allow drivers to route around DWI roadblocks. The NYPD apparently feels allowing drivers to bypass checkpoints will make the streets less safe and prevent the police force from enjoying the side benefits of dozens of suspicionless stops.

There are a number of reasons drivers may not want to interact with the NYPD, most of which have nothing to do with driving drunk. A police checkpoint is a hassle for anyone wanting to go from Point A to Point B, especially when every driver in line is presumed guilty until cleared by officers. It's win-win for the NYPD, which also assumes anyone avoiding a checkpoint is also guilty. These notifications might suck for cops, but it's a stretch to assume the app is allowing a horde of drunk drivers to roam the city unmolested.

But that's exactly what the NYPD assumes. Its cease-and-desist letter [PDF] demands Google not only remove this feature from Google Maps but somehow prevent users from finding other ways to notify fellow drivers about law enforcement checkpoints. It also accuses Maps users of committing criminal acts simply by posting the location of cop checkpoints.

Individuals who post the location of DWI checkpoints may be engaging in criminal conduct since such actions could be intentional attempts to prevent and/or impair the administration of DWI laws and other relevant criminal and traffic laws. The posting of such information for public consumption is irresponsible since it only serves to aid impaired and intoxicated drivers to evade checkpoints and encourage reckless driving.

This is nonsense. The posting of this information doesn't "only serve" impaired drivers. It also aids unimpaired drivers who may not want to make a suspicionless stop part of their daily commute. Even the most historically-strident advocate of driving while intoxicated laws doesn't agree with the NYPD's claims.

Helen Witty, the national president of Mothers Against Drunk Driving, was reluctant to address the specifics of the letter without more information, but she noted that sobriety checkpoints were frequently publicized in advance and that even when drivers were warned about them, they served their purpose.

“If you are impaired, you are not going to pay attention to that information,” she said, adding that in her experience, drunken drivers coming through sobriety checkpoints were often very confused or unaware of what was happening.

Witty goes on to point out the goal of regular DWI checkpoints is to make all drivers aware officers are looking for and punishing drunk drivers. More public awareness means fewer drunk drivers on the road, which should be the ultimate goal of these checkpoints.

Google has responded to the letter with a statement that indicates it won't be removing users' ability to warn others of speed traps and DWI checkpoints.

“Safety is a top priority when developing navigation features at Google. We believe that informing drivers about upcoming speed traps allows them to be more careful and make safer decisions when they’re on the road,” a Google spokesperson told CBS2 in a statement.

If the purpose of speed limits is to reduce drivers' speed to something the local government considers to be safe, a warning about speed traps ensures nothing more than drivers using Maps will be driving the speed limit when they approach that area. If the actual goal of speed traps and DWI checkpoints is to generate revenue, then of course law enforcement is going to be upset about Google picking its pocket.

The other odd thing to note is that the NYPD seems to want its letter to Google memory-holed. Streetsblog was the first to obtain the letter, but its copy has already been removed from Scribd. CBS News also posted a copy of the letter, but that link now returns a 404 error. No updates have been published at either site explaining the disappearance of the letter, and neither site has expressed any doubt as to the letter's legitimacy. What's posted below is built from screenshots of Streetsblog's embed, which is (so far) still generating an image of the PDF Scribd no longer hosts. It seems odd the NYPD would want this letter scrubbed from the internet, but it seems completely unlikely Streetsblog and CBS both decided to delete this document on their own.



08 Feb 01:46

Countries With Zero Rating Have More Expensive Wireless Broadband Than Countries Without It

by Ernesto Falcon

When an ISP decides to exempt certain applications or services from cutting into a user's data cap, that's zero rating. And the evidence is in that it conclusively makes broadband more expensive.

A comprehensive multi-year study by the non-profit Epicenter.works, comparing the 30 member countries of the European Union (EU) on net neutrality enforcement, has found that zero rating business practices by wireless carriers have increased the cost of wireless data compared to countries without zero rating. This directly contradicts all of the assertions by major wireless carriers that their zero rating practices are “free data” for consumers. 

Based on the evidence, zero rating not only serves as a means to enhance ISPs’ power over the Internet, but it’s also how they charge consumers more money for wireless service. Zero rating was originally going to be banned by the FCC under the General Conduct Rule, but when the FCC changed leadership the agency promptly green lighted and encouraged the industry to engage in zero rating practices before it began its repeal of net neutrality.

Zero Rating Is Anti-Competitive, Not “Free Data”

EU countries that do not have zero rating practices enjoyed a double digit drop in the price of wireless data after a year. In comparison, the countries with prevalent zero rating practices from their wireless carriers consistently saw data prices increase. This makes sense; carriers have an incentive to raise the costs of exploring alternatives in order to make their preferred, zero-rated choice of content more attractive. However, once that incentive is removed, the wireless carrier no longer has a reason to raise the cost of alternatives because nothing is given special treatment. In short, zero rating practices cost you more money.

Source: Epicenter.works study analyzing price changes between countries with and without zero rating practices.

Furthermore, EFF has raised anti-competitive concerns about how zero rating can be leveraged by ISPs playing gatekeeper to distort consumer traffic to favor large Internet companies willing to pay for preferential treatment. That includes ISP “self-dealing” with affiliated services to the detriment of startups and new entrants. In fact, the entire wireless industry knows from their own studies that zero rating drives their customers to prefer zero rated content over alternatives. Hence zero rating serves as a powerful means for ISPs to pick winners and losers and shape consumers’ Internet experience. EFF raised these concerns specifically regarding the AT&T merger with Time Warner–HBO, where we predicted the ISP network would self-deal with its newly acquired content to the disadvantage of alternative video providers—which is exactly what it did.

Zero Rating Favors Large Established Internet Companies over Smaller Internet Companies

The Epicenter.works study also measured how many zero rating agreements Internet companies enter across the EU zone. It found that the more fragmented the ISPs made the Internet with multiple zero rating practices for different services and applications, the larger the drop-off from Internet companies capable of engaging in those practices. In fact, a vast majority of Internet applications and services can only manage one to three agreements with ISPs because, in order to be welcomed into the zero rated club, an Internet company has to take on various new obligations (and thus spend more money) before their product can be properly identified and zero rated.

Epicenter.works analysis of the maximum number of zero rating arrangements Internet companies were entering with ISPs

One company with only 200 employees, Vimeo, asserted to German regulators that it was unable to sustain the resources required to engage in zero rating agreements with Deutsche Telekom (which owns T-Mobile). This makes sense: zero rating agreements are effectively established contractual relationships between an ISP and Internet services that carry with them an ongoing burden of satisfying the ISP's demands. In contrast, broadband service in the absence of zero rating levels the playing field, with no looming requirement for small companies to negotiate with an ISP for preferential treatment if they want to remain competitive.

Zero Rating Disproportionately Harms Low-Income Users

The harms from ISP-directed zero rating are not limited to stifling competition and making everyone’s wireless services more expensive. The practice also has a disproportionate impact on low-income users. These users tend to only be able to afford wireless broadband services for their entire Internet experience, resulting in them receiving an inferior Internet compared to users who can afford both a wireline and wireless service.

When the issue of zero rating came before California during its debate on net neutrality, California organizations that represent low-income Californians (such as the Western Center on Law and Poverty) as well as organizations that promote the digital civil rights of communities of color (such as the Center for Media Justice and Color of Change) all came out in strong support for California banning zero rating.

Now, this newest comprehensive study reinforces the point that zero rating fundamentally makes the Internet more expensive for all of us. With this knowledge, we should cast a wary eye on wireless carriers’ offers of “free data” in the future, and prohibit the practice when we can restore net neutrality at the federal level.

08 Feb 00:27

Sheriffs' Union Boss Says Officers Have No Reason To Do Their Job If They Can't Score Forfeiture Cash On The Side

by Tim Cushing

Civil asset forfeiture is an abomination loaded with perverse incentives for law enforcement. Investigations and convictions are too much work. Seizing cash from random motorists or residents is so much easier than legitimate police work. The laws barely governing this practice allow the agency performing the seizure to keep all or most of what's seized, which has led directly to the widespread abuse we see around us today.

The practice always has its defenders. Most of those defenders come from the same agencies that are directly profiting from asset forfeiture. They say the expected stuff about fighting the good Drug War -- that taking $500 from a random motorist somehow creates a ripple effect felt all the way at the top of the drug distribution chain. Everyone knows they're full of shit, but there are enough true believers in most state legislatures that the practice remains largely unaltered across the United States.

But there are some outliers. Some people see the perverse incentives asset forfeiture creates and say perverted cops are the best cops.

Jarrod Bruder, the executive director of the South Carolina Sheriff's Association who frequently lobbies for law enforcement interests at the Statehouse, said that without the incentive of profit from civil forfeiture, officers probably wouldn't pursue drug dealers and their cash as hard as they do now.

If police don't get to keep the money from forfeiture, "what is the incentive to go out and make a special effort?" Bruder said. "What is the incentive for interdiction?"

I don't know... how about IT'S YOUR FUCKING JOB. This is a law enforcement professional who actually thinks cops won't do cop work unless they can periodically seize cash from people they interact with. Hey, Mr. Bruder, if cops can't solicit bribes or extort protection money from local businesses, why should they be bothered to patrol neighborhoods or respond to robbery calls?

If Wells Fargo account reps can't sign people up for accounts without their knowledge or permission, why should they even show up to help people open accounts or deal with banking issues? If an entrepreneur can't rope investors into a pyramid scheme, why even bother getting out of bed at 4 am to bathe in the glow of inflated self-worth? Come on, Bruder. How can you be so obtuse?

There's nothing quite like a law enforcement union rep telling the public the police are only willing to work when they can directly profit from their efforts. That's the kind of word-of-mouth advertising asset forfeiture reform efforts need... courtesy of a union rep who doesn't want the practice ended, much less altered.

That's the stupidest thing said in defense of asset forfeiture in this article from the Greenville News, which gathers law enforcement responses to its investigation of the unsavory tactics deployed by state agencies. Even victims of crime aren't off limits. Local cops will take money right off the kitchen counter when investigating murders and claim the $43 pocketed was the result of criminal activity.

But it's not the only stupid thing said by law enforcement reps defending forfeiture.

Clemson Police Chief Jimmy Dixon said if police didn't get to collect forfeiture money, it would hamper the department's ability to conduct long-term drug surveillance.

"It could potentially shut down our K-9 unit," he said. "Overall, our ability to conduct undercover narcotics operations could be stifled."

Lt. Jake Mahoney with the Aiken Police Department said they'd have to divert money from the budget to cover drug enforcement.

Greenwood Police Chief Gerald Brooks said it would "sharply curtail our drug enforcement activities."

Sounds like another set of cops with motivation problems. But even if you believe they're not like the union rep quoted above them, they're still complaining about possibly not being able to do something they're not legally allowed to do.

Forfeiture proceeds are not meant to be written into a budget or counted on for recurring expenses, but should be treated as a supplement to provide for extra training or equipment, according to the law and legal opinions.

Those are the arguments in favor of asset forfeiture: cops won't do their job if they can't earn cash on the side, and budgets that aren't supposed to include forfeiture funds will experience shortfalls because chickens cops aren't supposed to count will no longer be hatched. Nice work, so-called drug warriors. It isn't -- and never has been -- about dismantling the drug trade. If law enforcement ever made a serious dent in crime, the extra money would dry up. And that's something they're just not going to allow to happen.



05 Feb 19:01

Mississippi Governor Extends Middle Finger To Constitution On Twitter While Applauding Asset Forfeiture

by Tim Cushing

Nearly two years ago, Mississippi governor Phil Bryant signed a bill reforming the state's asset forfeiture programs. The state needed it. Mississippi's law enforcement has directly profited from asset forfeiture for years. This has been combined with an extremely low evidentiary bar and zero reporting requirements to completely skew the incentives. Making it so easy to just take stuff from citizens has resulted in things like this:

That conflict [of interest] is on full display in Richland, Miss., where construction of a new $4.1 million law enforcement training facility was funded entirely by forfeiture proceeds garnered by police in Richland—a town of just 7,000 people. A sign in the building’s window boasts: “Richland Police Station tearfully donated by drug dealers.”

And this:

Mississippi drug warriors had their eye on nearly $300,000 in "forfeited" funds but threw it all away by issuing one of the most deficient search warrants ever. It's not that it was loaded with errors or questionable probable cause assertions. It's that it omitted perhaps the single most important element of a search warrant -- the location being searched.

When the forfeiture is a foregone conclusion, small towns end up with multi-million dollar facilities and supposed drug warriors with an eye on someone else's money can't even be bothered to fill out the paperwork. The reforms were needed and Governor Phil Bryant approved them.

Not that it mattered to local law enforcement.

Mississippi police agencies have been seizing cash, guns and vehicles without legal authority for months after a state law changed and police didn't notice.

An Associated Press review of a Mississippi Bureau of Narcotics database shows more than 60 civil asset forfeitures with nearly $200,000 in property taken by state and local agencies under a law that lapsed on June 30.

The state's cops just kept taking stuff under the old rules. And why not? They weren't detail oriented under the old system. That wasn't going to change just because legislators passed a law directly affecting their work. It certainly didn't matter to law enforcement that the top official in the state -- Governor Phil Bryant -- had given his approval of the reforms by signing the bill into law.

Apparently it doesn't matter to Governor Phil Bryant either.

If you can't read/see the tweet, here's the Mississippi governor telling residents they and their precious Constitutional rights can go fuck themselves.

When drug dealers have taken over your neighborhood, call a Constitutional scholar and see how that works out for you.

Governor Bryant's tweet links to the Mississippi Center for Public Policy, which has just sent him a letter asking him (and other state legislators) not to roll back the minor reforms that went into effect last year. His tweet directly mocks Ilya Shapiro, the Constitutional scholar quoted in the Center's post. And it directly mocks everyone who saw law enforcement abusing a weapon in its drug war arsenal to strip property from citizens with almost zero accountability or avenues of recourse.

In short, Governor Bryant thinks cops should have more rights and people not even accused of crimes should have fewer. That's an extremely shitty look for someone representing one of the fifty states of the United States of America.



05 Feb 16:35

DNA-Matching Company Decides To Open Its Doors To The FBI Without Bothering To Inform Its Users

by Tim Cushing

Your DNA may seem like a personal thing, but a number of companies specializing in DNA testing are ensuring it's anything but. Whether you're looking for markers identifying health risks or simply want to see who you're related to, you're giving these companies permission to create a pool of DNA samples almost anyone else can access.

Law enforcement has taken note of these developments, creating fake accounts to submit samples from crime scenes in an effort to close out cases. Whether or not we agree with law enforcement's misrepresentation, there's very little standing in the way of the government accessing your DNA sample via a third party. The thing that makes people unique becomes little more than a third party record -- only a subpoena away from being in the government's possession.

But even subpoenas aren't necessary if DNA companies decided to partner up with law enforcement by giving agencies access to their databases. That's what's happening with Family Tree, a company specializing in in-home DNA testing kits, as Salvador Hernandez reports for BuzzFeed.

Family Tree DNA, one of the largest private genetic testing companies whose home-testing kits enable people to trace their ancestry and locate relatives, is working with the FBI and allowing agents to search its vast genealogy database in an effort to solve violent crime cases, BuzzFeed News has learned.

Federal and local law enforcement have used public genealogy databases for more than two years to solve cold cases, including the landmark capture of the suspected Golden State Killer, but the cooperation with Family Tree DNA and the FBI marks the first time a private firm has agreed to voluntarily allow law enforcement access to its database.

The company says the FBI cannot freely browse its databases, but this partnership suggests it's not asking the FBI to run anything past a court before running a search. The company feels the potential PR hit is worth it because it's "helping" the FBI "solve violent crimes." This is a bit discouraging. We're used to government agencies excusing incursions into people's privacy with statements about "violent crime" or "terrorism" or "the War on…" or whatever. It's disheartening when a private company does it, thinking it's somehow serving the public better by turning their DNA samples into investigation fodder.

Here's the full extent of the program so far, at least according to Family DNA:

While Family Tree does not have a contract with the FBI, the firm has agreed to test DNA samples and upload the profiles to its database on a case-by-case basis since last fall, a company spokesperson told BuzzFeed News.

This at least spares the FBI the trouble of creating fake profiles to do the same thing. Still, there's little PR or societal value in allowing a government agency to do something it was probably doing already. We see it all the time at the federal level where law enforcement/national security abuses are greeted with codification rather than criticism. Sure, we don't expect all companies to give the government the cold shoulder, but we should at least expect them to demand a bit more from the government when it starts asking for access to millions of DNA records.

There's a way to opt out of the FBI's co-opting if you're a Family Tree customer. Unfortunately, this option makes Family Tree a complete misnomer.

Officials at Family Tree said customers could decide to opt out of any familial matching, which would prevent their profiles from being searchable by the FBI. But by doing so, customers would also be unable to use one of the key features of the service: finding possible relatives through DNA testing.

If someone objects to the FBI's access, the service is useless. And this access was put into place without customers being informed ahead of time or given an option to opt out prior to the government's access. No matter how enthused Family Tree may be about being part of the FBI's posse, this is a terrible way to treat customers who expected their personal info would be given a bit more privacy.



01 Feb 01:13

South Carolina Cops Love Asset Forfeiture So Much They Take Cash From Crime Victims

by Tim Cushing

You'd think we wouldn't need any more data points on asset forfeiture abuse, but since many states still allow law enforcement to steal cash and personal property from people never even accused of criminal acts, maybe more data points are needed to show lawmakers why this abhorrent practice should be ended.

The Greenville News has put together an in-depth report on asset forfeiture in South Carolina, culled from asset forfeiture cases run through the state's court system. What it found is unsurprising, but still shocking. The article opens with a small sampling of injustices perpetrated by the criminal justice system.

When a man barged into Isiah Kinloch’s apartment and broke a bottle over his head, the North Charleston resident called 911. After cops arrived on that day in 2015, they searched the injured man’s home and found an ounce of marijuana.

So they took $1,800 in cash from his apartment and kept it.

When Eamon Cools-Lartigue was driving on Interstate 85 in Spartanburg County, deputies stopped him for speeding. The Atlanta businessman wasn’t criminally charged in the April 2016 incident. Deputies discovered $29,000 in his car, though, and decided to take it.

When Brandy Cooke dropped her friend off at a Myrtle Beach sports bar as a favor, drug enforcement agents swarmed her in the parking lot and found $4,670 in the car.

Her friend was wanted in a drug distribution case, but Cooke wasn’t involved. She had no drugs and was never charged in the 2014 bust. Agents seized her money anyway.

She worked as a waitress and carried cash because she didn’t have a checking account. She spent more than a year trying to get her money back.

Cash is king in South Carolina. Law enforcement loves taking it. Under the pretense of dismantling drug syndicates, law enforcement officers are taking money from waitresses, businessmen, and crime victims. Cash motivates law enforcement efforts -- dubious drug-focused shakedowns that are often given far too much credibility by local journalists.

This is a state where county sheriffs run week-long events with cool names like "Rolling Thunder" and claim they're disrupting the flow of drugs. The reality is there's no disruption. People are separated from their cash and other property, but arrests and convictions are almost impossible to find, despite the discovery of a few hundred pounds of illegal substances. In 2017, the Spartanburg County Sheriff's Department pulled over more than 1,100 vehicles during an operation, searched 158 of them, recovered enough drugs to fill a table for a press conference, but only ended up with eight felony convictions. It did end up with $139,000 in cash, which was the actual focus of the "drug interdiction" activity.

The cases gathered from elsewhere in the state tell the same story: cash-hungry law enforcement agencies taking money from people and calling it a victory in the War on Drugs. African-Americans make up only 13 percent of the state's population, but 65 percent of asset forfeiture cases target African Americans. If you're white, you're not only targeted less frequently but you're twice as likely to get your property returned to you.

Since the state's laws allow 95 percent of everything seized to go to the law enforcement agency performing the seizure, officers are far more focused on cash than securing convictions.

Nearly one-fifth of people who had their assets seized weren't charged with a related crime. Out of more than 4,000 people hit with civil forfeiture over three years, 19 percent were never arrested. They may have left a police encounter without so much as a traffic ticket. But they also left without their cash.

And it's rarely ever taken from dealers. More than half of all cash seizures involved less than $1,000, suggesting officers are more than happy to lift cash from users, leaving the flow of drug traffic completely uninterrupted.

The Greenville News has compiled several disturbing stories of asset forfeiture abuse in another article. These highlight the mercenary tactics of law enforcement agencies which often appear to take money just because they can. In one despicable episode, they searched a house after one of its residents was killed there. When officers found a small amount of drugs, they decided to take all the loose cash they could find, which included $1,700 in a bag and $43 found on the kitchen counter. Then, the agency sent the notice of forfeiture to the man they knew was dead -- the same person whose murder they were investigating. It took a court to call bullshit on this and force the agency to serve notice to the murder victim's estate. Even then, the executor of his estate was only able to recover half the cash the officers took.

South Carolina is badly in need of asset forfeiture reform. Unfortunately, no one has been able to push a bill past the formative stages. Given the 95% profit ensured by current laws, any proposed reform is going to face stiff resistance from law enforcement agencies that will feel the state is stealing from them, rather than seeking to prevent them from stealing from citizens.



01 Feb 01:12

Appeals Court Says A Person Driving A Registered Vehicle On A Public Road Is Not 'Reasonably Suspicious'

by Tim Cushing

Well, let's see what government agents are claiming is reasonably suspicious these days. Ah, here it is: driving a registered vehicle on a public road. The streets are clogged with scofflaws, apparently. Thanks to the skill set of one Carlos Perez of the US Border Patrol, we can finally start putting these people away.

This ultra-ridiculous assertion comes courtesy of an appealed motion to suppress that has made its way to the Fifth Circuit Court of Appeals. The government is the party doing the appealing, having come out on the losing end of Jeffrey Freeman's request to have evidence obtained during two stops by the Border Patrol tossed out.

The suppression of the first stop isn't at issue as the government isn't challenging that particular suppression. But it wants to keep the evidence obtained in the second stop. The problem is Agent Perez's definition of "reasonable suspicion" isn't anywhere in the neighborhood of "reasonable." According to Perez, he stopped Freeman because he turned onto a public road that happened to bypass a Border Patrol checkpoint near Freer, Texas. Freer is 50 miles inland from the border, but the government has declared anything within 100 miles is under the control of the Border Patrol.

But the road Freeman turned onto (FM 2050) is more than a detour around BP checkpoints. According to Perez's own testimony, a dozen homes and a handful of businesses can be accessed via FM 2050, making it far more than a way to avoid being hassled by the Border Patrol. Still, Perez insisted the road was only used by those transporting illegal immigrants or contraband, turning residents and business owners (along with their employees) into criminals that just haven't been caught yet.

According to Perez, the BP stops almost every vehicle that turns onto FM 2050, reasoning that the very act of driving a public road is suspicious enough to justify a stop. Even Perez's own experience contradicts the narrative he's pushing. From the opinion [PDF]:

Agent Perez estimated the Border Patrol made approximately ten to twenty roving stops per week on FM 2050. He estimated that he had only conducted approximately twenty to thirty stops throughout his eight years there, and only two or three of those stops resulted in seizures.

During the stop, Agent Perez discovered Freeman's passenger was not a legal resident of the US. Freeman moved to suppress. The lower court found Perez's assertions about suspicious behavior ridiculous and stated his stop of Freeman was nothing more than a "fishing expedition."

The Appeals Court is no more impressed with Perez's claims, even when the Wild West aspects of the "Constitution-Free Zone" are taken into account.

At this point, we are left with the following facts to be viewed from Agent Perez’s limited experience in detecting illegal activity: Freeman’s truck, a type commonly found in the area, was seen less than 50 miles from the border, it turned right onto a road known for smuggling, and his truck was registered to an individual. We conclude that these facts, without more, are not enough to support reasonable suspicion, especially when viewed through the eyes of an agent with minimal experience detecting illegal activity. Courts that have found reasonable suspicion, even in cases in close proximity to the border, have generally required more.

Suspicion isn't "reasonable" when it has the ability to sweep up almost every driver on the road.

If the facts of this case constituted reasonable suspicion, virtually anyone who drove a car registered to an individual and turned right onto FM 2050, a public road, would be subject to being stopped by Border Patrol agents. As the district court pointed out, had Agent Perez waited a little longer, he may have been able to develop reasonable suspicion; he did not.

Agent Perez said his extensive experience led to him drawing these unreasonable suspicion conclusions. The Appeals Court points out the opposite is true: Perez may have eight years' experience as a Border Patrol officer, but he only participated in 20-30 stops on the road where he stopped Freeman. And he was only successful about 10% of the time. The only thing Perez can sufficiently claim expertise in is fishing expeditions. Even with all the leeway granted to border enforcement, he still only managed to rack up three wins. This isn't someone who knows the ins and outs of observing human behavior to spot immigration violations. This is someone hopping from traffic stop to traffic stop hoping to get lucky.



24 Jan 14:34

Meizu reveals the smartphone of the future with no buttons, charging port, SIM card slot

by Tyler Lee
Brindle

neat... wonder how you get adb access on it...

Foldable smartphones are expected to challenge the way we view and use our smartphones, but it seems that Meizu could be looking to challenge us in a very different way with the launch of the Meizu Zero. As its name implies, this phone has zero physical buttons, it does not come with a charging port, and there is no SIM card tray either.

We know, it sounds pretty wild! However, there is a reason for the design: Meizu wanted to make sure that the phone is IP68 certified, meaning that it can withstand immersion underwater without water seeping through any ports. It relies on wireless charging to juice it up, and on an e-SIM, which does away with the need for a physical SIM card slot.

As for its specs, the Meizu Zero actually packs some pretty decent hardware. It uses last year’s Qualcomm Snapdragon 845 chipset and a 5.99-inch AMOLED display. There will also be an in-display optical fingerprint scanner which is something we’re starting to see more of these days.

It also has some rather nifty features, such as pressure-sensitive edges that users can press to activate the power or adjust the volume, which reminds us of the HTC U11, which was actually the first smartphone to introduce such a feature. There is also an under-display sound technology called mSound 2.0 which allows the phone to emit sounds without an external speaker.

Meizu has yet to officially confirm when the phone will be launched or how much it will cost, but it is definitely a very interesting concept.

Source: Lowyat.net

22 Jan 22:02

Spill-Detecting Googly-Eyed Robot Coming To Giant Grocery Stores

This is a shot of Marty, a googly eyed robot that's going to be dispatched to all 172 Giant grocery stores in Pennsylvania, Maryland, Virginia and West Virginia to identify spills in the stores and notify human employees to clean them up BECAUSE GOD FORBID IT SHOULD CLEAN THEM UP ITSELF *under breath* you lazy turd.
The in-store robots will move around on their own, identifying hazards like liquid, powder and bulk-food spills and reporting them to human employees. The robots will free up Giant employees to spend more time helping customers, the Carlisle-based company says. "Bringing robotics and A.I. from a research lab to the sales floor has been a very exciting journey, and we were thrilled by the customer response in our pilot stores," said Nicholas Bertram, president of Giant Food Stores. "Our associates have worked hard to bring this innovation to life with amazing partners." There should be a robot in every store by mid-2019, according to Giant.
No word how long it will be before a Marty tramples a child, but *laying on floor in spilled ketchup* quick, start screaming bloody murder. Oooh -- and pass me a package of Double Stuf OREOs. At the bare minimum they won't make me pay for those. Thanks to Closet Nerd and Lana, who agree Giant should save their robot money and hire an actual human to have another checkout line open.
21 Jan 21:15

Leak reveals unprecedentedly high Samsung Galaxy S10 pricing, retail availability

by Nick Gray
Brindle

whoa...

Based on previous leaks, we’ve known that Samsung’s upcoming Galaxy S10 variants wouldn’t be cheap, but I don’t think anyone would have expected that the top of the line device would command a sticker price of 1599 Euro. For reference, that’s right around $1,818 with today’s conversion rate, but it would include VAT which typically ranges from 19%-21%. According to TuttoAndroid, that price would allow you to walk out of a store with a Samsung Galaxy S10 Plus with 12GB of RAM and 1TB of internal storage.

Samsung will have much cheaper options in its Galaxy S10 lineup, starting with the Galaxy S10 Lite which will sell for 779 Euros. The regular Samsung Galaxy S10 will carry a 929 Euro sticker price and the entry S10 Plus variant will cost 1049 Euro. The prices may seem unprecedentedly high, but we need to remind you that Samsung phones typically have a lower starting point in the US since taxes are not calculated into the list prices of smartphones over here. The full pricing breakdown of all the different models is listed below.

  • S10 Lite 6/128 GB at 779 euros (~$908)
  • S10 6/128 GB at 929 euros (~$1,056)
  • S10 8/512 GB at 1179 euros (~$1,340)
  • S10 Plus 6/128 GB at 1049 euros (~$1,193)
  • S10 Plus 8/512 GB at 1299 euros (~$1,477)
  • S10 Plus 12/1 TB at 1599 euros (~$1,818)

The leak also claims that the Samsung Galaxy S10 family of devices will go on sale in Italy on March 8th, two and a half weeks after the official launch event. The window between the announcement and retail availability is shorter than what it was last year, but only by a few days. There’s no indication that the North American launch will also be scheduled for March 8th, but there’s no reason to believe that we’ll have to wait longer than that.

Source: TuttoAndroid

21 Jan 20:28

Huawei smartphones in China are deleting images downloaded from Twitter

by Nick Gray

UPDATE: Huawei has issued a public response to the issue, providing additional context and a possible fix.

A new update that’s being distributed for select Huawei smartphones in China appears to be deleting images which are being downloaded through the Twitter app. This story came to light when a Huawei smartphone user in China tried downloading images of his friend’s dog through the Twitter app. The user received a notification that the system had recognized that the images had been flagged as being downloaded through Twitter and that they would be deleted from the device. The publication which first published the story characterized it as Huawei having a back-door mechanism on the device, monitoring the user’s activity on Twitter which is banned from being used in China.

The issue itself has been verified by multiple Huawei smartphone users who went out of their way to record it and share it with others. To many, this incident reinforces the notion that Huawei’s smartphones are spying on their users, putting personal information at risk. That being said, we think that the story is being overblown.

Several Honor and Huawei users reported that the issue started showing up after the installation of a recent update. However, it’s unclear if the update is the culprit or if it’s a new mechanism that was included with a recent update to the Twitter app. The notification actually states that the Twitter app is responsible for deleting the image. The same users who have experienced the issue have been able to download images through Twitter.com and third-party Twitter applications. We’re hoping that someone will be able to dig into the update package and analyze what is going on.

Even if the images downloaded through the Twitter application are being flagged and deleted by the recent update that’s being pushed out by Huawei, we wouldn’t call this a backdoor vulnerability. As it should, Android is notifying the user that an image is being deleted. The images in question are being deleted from a Chinese phone which is being used in China from an application which is banned within China. China’s public stance on Twitter is not a secret, so we don’t think there’s anything nefarious at play here.

We don’t see this issue spreading to markets outside of China and in our understanding, this issue has nothing to do with the US government’s stance on Huawei’s close ties to the Chinese government. But the issue of perception still persists. Has this new incident changed your perspective on Huawei?

Source: Apple Daily Via: Reddit

 

15 Jan 22:18

Federal Judge Says Compelling People To Unlock Phones With Their Fingerprints/Faces Violates The 5th Amendment

by Tim Cushing

The advent of biometric "passcodes" -- fingerprints and facial recognition -- appears to be leaving those who choose these methods with fewer Fifth Amendment protections. A handful of courts have ruled fingerprints and faces aren't "testimony." Much as officers can collect fingerprints and mugshots without a warrant following an arrest, they can also apply fingers and faces to locked phones to get to the data inside.

But it's not as simple as some court decisions make it appear. Even passwords can be considered testimonial, as they may indicate ownership of a locked device or compel production of evidence to be used against the device's owner. The passcode argument has gone both ways in court, which usually comes down to the individual judge's definition of "foregone conclusion." Does the foregone conclusion refer to the device's ownership or the evidence contained in it? The latter is harder to prove, and raising the burden of proof to this level tends to result in courts finding the compelled production of passwords to be a Fifth Amendment violation.

Via Thomas Brewster at Forbes, there's finally some good news on the biometric security front. A federal judge in California has ruled forcing people to unlock phones using biometric measures is a Fifth Amendment violation.

[I]n a more significant part of the ruling, Judge Westmore declared that the government did not have the right, even with a warrant, to force suspects to incriminate themselves by unlocking their devices with their biological features.

As the court points out [PDF], when the fingerprint IS the password, the Fifth Amendment is implicated despite these features normally being considered non-testimonial.

The Court finds that utilizing a biometric feature to unlock an electronic device is not akin to submitting to fingerprinting or a DNA swab, because it differs in two fundamental ways. First, the Government concedes that a finger, thumb, or other biometric feature may be used to unlock a device in lieu of a passcode. In this context, biometric features serve the same purpose of a passcode, which is to secure the owner's content, pragmatically rendering them functionally equivalent.

The court notes law enforcement is well aware of jurisprudence surrounding device security. In this case, the more time that passed between the seizure of the devices and their compelled unlocking, the less likely law enforcement would be able to evade the Fifth Amendment. Judge Westmore doesn't find this reasoning acceptable.

[A] passcode is generally required "when a device has been restarted, inactive, or has not been unlocked for a certain period of time." This is, no doubt, a security feature to ensure that someone without the passcode cannot readily access the contents of the phone. Indeed, the Government expresses some urgency with the need to compel the use of the biometric features to bypass the need to enter a passcode. This urgency appears to be rooted in the Government's inability to compel the production of the passcode under the current jurisprudence. It follows, however, that if a person cannot be compelled to provide a passcode because it is a testimonial communication, a person cannot be compelled to provide one's finger, thumb, iris, face, or other biometric feature to unlock that same device.

The court goes on to say the government had other options to access messages -- like approaching Facebook with a warrant -- rather than intrude on the Fifth Amendment (and the Fourth Amendment -- more on that in a moment), but it chose to do it this way. Just because it's easier and faster to do it via compelled production doesn't make it right. In fact, in the court's eyes, all this effort did was violate the Constitution in multiple ways.

An attempted assault on the Fourth Amendment also occurred in this case. Investigators looking for evidence of extortion via Facebook sought to have every device and person at a residence seized and searched, with every resident compelled to unlock devices found during the search. As the judge points out in the rejection of the search warrant application, the Fourth Amendment requires far more specificity.

This request is overbroad. There are two suspects identified in the affidavit, but the request is neither limited to a particular person nor a particular device.

Thus, the Court finds that the Application does not establish sufficient probable cause to compel any person who happens to be at the Subject Premises at the time of the search to provide a finger, thumb or other biometric feature to potentially unlock any unspecified digital device that may be seized during the otherwise lawful search.

This is a far better answer to this sort of request than others we've seen. Searching someone's home and digging through their electronics is one of the scariest powers the government has. The Fourth Amendment is in place to limit these exercises of immense government power to those that are justifiable and necessary. When judges grant overbroad orders, they're doing more than failing to act as a check against government abuse. They're normalizing abuse of citizens' rights via judicial precedent.



15 Jan 22:15

Vizio Admits Modern TV Sets Are Cheaper Because They're Spying On You

by Karl Bode

If you've shopped for a TV recently, you may have noticed that it's largely impossible to just buy a "dumb" TV set without all of the "smart" internals. More specifically, most TV vendors don't want to sell you a bare-bones set because they want you to use their streaming services. Even more specifically, they want you to buy their sets with their specific streaming functionality because they want to spy on you. Poorly.

That's always been fairly obvious to most folks, but it was nice to see Vizio CTO Bill Baxter acknowledge that the reason you get a discount is that your viewing habits are being collected and sold to the highest bidder:

Q. One sort of Verge-nerd meme that I hear in our comments or on Twitter is “I just want a dumb TV. I just want a panel with no smarts and I’ll figure it out on my own.” But it sounds like that lifetime monetization problem would prevent you from just making a dumb panel that you can sell to somebody.

A. Well, it wouldn’t prevent us, to be honest with you. What it would do is, we’d collect a little bit more margin at retail to offset it. Again, it may be an aspirational goal to not have high margins on our TV business because I can make it up downstream. On the other hand, I’m actually aggregating that monetization across a large number of users, some of which opt out.

It’s a blended revenue model where, in the end, Vizio succeeds, but you know, it’s not wholly dependent on things like data collection.

The problem is that this trade-off isn't really providing value to the end user, in large part thanks to the TV sector's terrible security and privacy practices. For one, navigating the TV sector's historically terrible GUIs to actually find and opt out of this data collection is often a nightmare. Usually the opt-out setting is first intentionally named something nebulous, then buried deep in a sea of terribly designed menus. And even then, opting out can often result in you losing access to some core set features you might actually use. That's only a good deal if you enjoy annoyance.

Then there's the fact that the TV sector routinely does an absolutely terrible job at the security and privacy practices needed to protect this data. We've seen vendors like Samsung get busted hoovering up and collecting living room conversations, then shoveling this data off to a nebulous assortment of third-party clients. Numerous set vendors have similarly been busted collecting this data then transmitting it to the cloud without adequate encryption. Vizio itself just struck a $2.2 million settlement with the FTC for secretly tracking and selling the usage habits of around sixteen million Vizio owners for around three years.

So yes, you're maybe paying a bit less up front for a cheaper set, but you're paying for the deal on the other side of the equation in a way that's not even entirely calculable. Even then, higher-end TV set vendors do this same thing, kind of deflating the claim that this is only being done by necessity among lower-end vendors trapped by tight margins. In reality, the same disregard for privacy and security that has infected the internet of broken things space is on proud display in the TV business, resulting in hardware that's easily exploitable by everyone from run-of-the-mill hackers to intelligence services. Is that a bargain, really?

With so many streaming hardware platforms to choose from (game consoles, your phone, home-built PCs, Roku, Apple TV, etc.), many users just want a dumb TV with ample HDMI ports that simply does one job, really well. Instead, like so many sectors (telecom comes quickly to mind) the priority appears to be focused on treating user data like a harvestable resource, with security, privacy, and transparency a very distant afterthought.


