Federal Appeals Court rules that violating a website's Terms of Service is not a crime

A Ninth Circuit Appellate Court has rejected Oracle's attempt to treat violating its website terms of service as a felony under the Computer Fraud and Abuse Act, Read the rest

You absolutely must secure your home router and you probably can't

Lucian Constantin's Motherboard guide to protecting your home router is full of excellent, nearly impossible-to-follow advice that you should follow, but probably won't. Read the rest

Mirai's creators plead guilty, reveal that they created a DDoS superweapon to get a competitive edge in the Minecraft server industry

Last year, the Mirai botnet harnessed a legion of badly secured internet of things devices and turned them into a denial of service superweapon that brought down critical pieces of internet infrastructure (and even a country), and now its creators have entered guilty pleas to a Computer Fraud and Abuse Act federal case, and explained that they created the whole thing to knock down Minecraft servers that competed with their nascent Minecraft hosting business. Read the rest

Sony's new robot dog doubles down on DRM

It's been 15 years since Sony used the DMCA to shut down the community that had sprung up to extend the functionality of its Aibo robot dogs, threatening people with lawsuits and jailtime for modifying their dogs' operating systems. Read the rest

How to opt out of Equifax's rights-stripping arbitration clause

During the five weeks after hackers stole 143 million Americans' data from Equifax, and while its execs were selling off their stock by the millions, the company sprang into action, producing an insecure site for checking whether your own data was breached that produces the same output no matter what name and SSN you input. Read the rest

Tesla's demon-haunted cars in Irma's path get a temporary battery-life boost

Tesla sells both 60kWh and 75kWh versions of its Model S and Model X cars; but these cars have identical batteries -- the 60kWh version runs software that simply misreports the capacity of the battery to the charging apparatus and the car's owner. Read the rest

FTC settles with Lenovo over selling laptops deliberately infected with Superfish spyware

The Federal Trade Commission has announced a settlement with Lenovo over the 2015 revelation that the company pre-installed malware called "Superfish" on its low-end models, which allowed the company to spy on its customers, and also left those customers vulnerable to attacks from third parties, who could exploit Superfish's weakened security. Read the rest

How DRM and EULAs make us into "digital serfs"

Washington and Lee law professor Joshua Fairfield is the author of a recent book called Owned: Property, Privacy, and the New Digital Serfdom, which takes up the argument that DRM and license agreements mean that we have no real property rights anymore, just a kind of feudal tenancy in which distant aristocrats (corporations) dictate how we may and may not use the things we "buy," backed by the power of the state to fine or jail us if we fail to arrange our affairs to the company's shareholders. Read the rest

Security researchers repeatedly warned Kids Pass about bad security, only to be ignored and blocked

Kids Pass is a service that offers discounts on family activities in the UK; their website makes several common -- and serious -- security problems that could allow hackers to capture their users' passwords, which endangers those users' data on other services where they have (unwisely) recycled those same passwords. Read the rest

Security researchers: EFF's got your back at this summer's technical conferences

Are you a security researcher planning to present at Black Hat, Defcon, B-Sides or any of this summer's security events? Are you worried a big corporation or the government might attack you for revealing true facts about the defects in the security systems we entrust with our safety, privacy and health? Read the rest

Independent repair guy on the planned obsolescence of Apple products

Louis Rossmann is an independent service technician in New York City who has repaired Apple products for years. Read the rest

IoT vendor objects to "rude" review, renders complainer's device inoperable

R Martin bought a Garadget -- a device that lets you verify whether your garage door is closed using a mobile app -- and couldn't get it to work and left an intemperate 1-star Amazon review for the product. Read the rest

Testing products for data privacy and security

It’s an exciting and treacherous time to be a consumer. The benefits of new digital products and services are well documented, but the new risks they introduce are not. Basic security precautions are ignored to hasten time to market. Biased algorithms govern access to fair pricing. And four of the five most valuable companies in the world earn their revenue through products that mine vast quantities of consumer data, creating an unprecedented concentration of corporate power. A recent survey at Consumer Reports showed that 65% of Americans lack confidence their data is private or secure, with most consumers feeling powerless to do anything about it.

Healthcare facilities widely compromised by Medjack, malware that infects medical devices to steal your information

The healthcare industry is a well-known information security dumpster fire, from the entire hospitals hijacked by ransomware to the useless security on medical devices to the terrifying world of shitty state security for medical implants -- all made worse by the cack-handed security measures that hospital workers have to bypass to get on with saving our lives (and it's about to get worse, thanks to the Internet of Things). Read the rest

The kickstarted Pebble smartwatch is now a division of Fitbit, so they may "reduce functionality" on all the watches they ever sold

If you're one of the 60% of Pebble employees who didn't get a job offer from Fitbit, the company's new owner, you're probably not having a great Christmas season -- but that trepedation is shared by 100% of Pebble customers, who've just learned (via the fine print on an update on the Pebble Kickstarter page) that the company may soon "reduce functionality" on their watches. Read the rest

Mr Robot has driven a stake through the Hollywood hacker, and not a moment too soon

Mr Robot is the most successful example of a small but fast-growing genre of "techno-realist" media, where the focus is on realistic portrayals of hackers, information security, surveillance and privacy, and it represents a huge reversal on the usual portrayal of hackers and computers as convenient plot elements whose details can be finessed to meet the story's demands, without regard to reality. Read the rest

UK to extradite hacker with autism to US to face trial for breaking into state computers

Today a court in London okayed the extradition of a British hacker with autism to the United States, where he will face trial for breaking into high-security U.S. government computers. Read the rest

More posts