mi writes: IMDb has a reason to rejoice. Politico reports: "A federal judge has barred the State of California from enforcing a new law limiting online publication of actors' ages. Acting in a case brought by online movie information website IMDb, U.S. District Court Judge Vince Chhabria ruled Wednesday that the California law likely violates the First Amendment and appears poorly tailored to proponents' stated goal of preventing age discrimination in Hollywood. The judge expressed deep skepticism that the law, which he said appeared to apply only to IMDb, would have any effect on discrimination. The judge rejected the state's arguments that the law was a regulation of commercial speech, finding that IMDb was acting as a publisher in posting the birthday and age information online." "It's not clear how preventing one mere website from publishing age information could meaningfully combat discrimination at all. And even if restricting publication on this one website could confer some marginal anti-discrimination benefit, there are likely more direct, more effective, and less speech-restrictive ways of achieving the same end," Chhabria wrote in a three-page order.

"T-Mobile USA is ready to deploy a new LTE technology over the same 5GHz frequencies used by Wi-Fi following U.S. government approval of the first 'LTE-U' devices," reports Ars Technica. "The Federal Communications Commission today authorized the first LTE-U (LTE for unlicensed spectrum) devices after a controversial process designed to ensure that cellular network use of the 5GHz band won't interfere with Wi-Fi networks." From the report: LTE-U will help T-Mobile achieve its goal of offering gigabit LTE speeds, the carrier said. Verizon Wireless is also planning to use LTE-U. The company said in September that it is "eager to deploy" the technology and developed an equipment testing plan, but it's not clear when a Verizon deployment will happen. Cellular carriers in the US generally hold exclusive licenses to spectrum, while Wi-Fi operates in unlicensed frequencies. Anyone can operate in unlicensed spectrum without an FCC license as long as they use certified radio equipment and comply with power limits and other technical requirements. The plan to bring LTE to unlicensed Wi-Fi spectrum set off an industry fight. LTE-U deployment plans drew opposition in 2015 from cable companies and the Wi-Fi Alliance, an industry group that certifies equipment to make sure it doesn't interfere with other Wi-Fi equipment. Industry groups worked together to develop a "Coexistence Test Plan" to prevent interference, and the Wi-Fi Alliance said it's satisfied with the result even though the new testing is voluntary rather than required by the FCC.

tsu doh nimh writes: Researchers at RSA released a startling report last week that detailed a so-called "supply chain" malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation's largest companies. This intrusion would probably not be that notable if the software vendor didn't have a long list of Fortune 500 customers, and if the attackers hadn't also compromised the company's update servers -- essentially guaranteeing that customers who downloaded the software prior to the breach were infected as well. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure as a page inside of its site -- not linking to it anywhere. Brian Krebs went and dug it up. Spoiler: the product/vendor in question is EVlog by Altair Technologies Ltd.

An anonymous reader shares a Fortune report: General Electric will put cameras, microphones, and sensors on 3,200 street lights in San Diego this year, marking the first large-scale use of "smart city" tools GE says can help monitor traffic and pinpoint crime, but raising potential privacy concerns. Based on technology from GE's Current division, Intel and AT&T, the system will use sensing nodes on light poles to locate gunshots, estimate crowd sizes, check vehicle speeds and other tasks, GE and the city said on Wednesday. The city will provide the data to entrepreneurs and students to develop applications. Companies expect a growing market for such systems as cities seek better data to plan and run their operations. San Diego is a test of "Internet of things" technology that GE Current provides for commercial buildings and industrial sites.

holy_calamity writes: University of Nebraska student Brevan Jorgenson swapped the rear-view mirror in his 2016 Honda Civic for a home-built device called a Neo, which can steer the vehicle and follow traffic on the highway. Jorgenson used hardware designs and open-source software released by Comma, a self-driving car startup that decided to give away its technology for free last year after receiving a letter asking questions about its functionality from the National Highway Traffic Safety Administration (NHTSA). Jorgenson is just one person in a new hacker community trying to upgrade their cars using Comma's technology. "A Neo is built from a OnePlus 3 smartphone equipped with Comma's now-free Openpilot software, a circuit board that connects the device to the car's electronics, and a 3-D-printed case," reports MIT Technology Review. The report notes that Neodriven, a startup based in Los Angeles, has recently started selling a pre-built Neo device that works with Comma's Openpilot software, but it costs $1,495.

Last week, a Swedish Patent and Market Court of Appeal ordered The Pirate Bay and streaming portal Swefilmer to be blocked by internet service provider Bredbandsbolaget for the next three years. The order was not well supported by other internet service providers in Sweden, as it appears they don't like the idea of becoming copyright policemen. TorrentFreak reports: Last week ISP Bahnhof absolutely slammed the decision to block The Pirate Bay, describing the effort as signaling the "death throes" of the copyright industry. It even hinted that it may offer some kind of technical solution to customers who are prevented from accessing the site. For those familiar with Bahnhof's stance over the years, this response didn't come as a surprise. The ISP is traditionally pro-freedom and has gone out of its way to make life difficult for copyright enforcers of all kinds. However, as one of the leading telecoms companies in Sweden and neighboring Norway, ISP Telia is more moderate. Nevertheless, it too says it has no intention of blocking The Pirate Bay, unless it is forced to do so by law. "No, we will not block if we are not forced to do so by a court," a company press officer said this morning. Telia says that the decision last week from the Patent and Market Court affects only Bredbandsbolaget, indicating that a fresh legal process will be required to get it to respond. That eventuality appears to be understood by the rightsholders but they're keeping their options open.

Trailrunner7 quotes a report from On the Wire: A senator from Oregon who has a long track record of involvement on security and privacy issues says he plans to introduce a bill soon that would prevent border agents from forcing Americans returning to the country to unlock their phones without a warrant. Sen. Ron Wyden said in a letter to the secretary of the Department of Homeland Security that he is concerned about reports that Customs and Border Patrol agents are pressuring returning Americans into handing over their phone PINs or using their fingerprints to unlock their phones. DHS Secretary John Kelly has said that he's considering the idea of asking visitors for the login data for their various social media accounts, information that typically would require a warrant to obtain. "Circumventing the normal protection for such private information is simply unacceptable," Wyden said in the letter, sent Monday. "There are well-established procedures governing how law enforcement agencies may obtain data from social media companies and email providers. The process typically requires that the government obtain a search warrant or other court order, and then ask the service provider to turn over the user's data."

A number of studies show that piracy helps movies, TV shows, and music albums find a much wider audience, which in turn, often times, help in boosting their revenue. But what about comic books? A new academic study shows that piracy can have a positive effect on comic book sales, too, albeit under certain conditions. From a report on TorrentFreak: Manga, in particular, has traditionally been very popular on file-sharing networks and sites. These are dozens of large sites dedicated to the comics, which are downloaded in their millions. According to the anti-piracy group CODA, which represents Japanese comic publishers, piracy losses overseas are estimated to be double the size of overseas legal revenue. With this in mind, Professor Tatsuo Tanaka of the Faculty of Economics at Keio University decided to look more closely at how piracy interacts with legal sales. In a natural experiment, he examined how the availability of pirated comic books affected revenue. Interestingly, the results show that decreased availability of pirated comics doesn't always help sales. In fact, for comics that no longer release new volumes, the effect is reversed. "Piracy decreases sales of ongoing comics, but it increases sales of completed comics," Professor Tanaka writes. "To put this another way, displacement effect is dominant for ongoing comics, and advertisement effect is dominant for completed comics," he adds.

Reader broknstrngz writes: GlobalSign, a WebTrust certified CA and identity services provider, has released its high volume managed PKI platform, taking a stab at the current authentication and security weaknesses in the IoT. The new service aims to commodify large scale rapid enrollment and identity management for large federated swarms of devices such as IP cameras, smart home appliances and consumer electronics, core and customer premises network equipment in an attempt to reduce the attack surface exploitable by IoT DDoS botnets such as Mirai.

Strong device identity models are developed in partnership with TPM and hardware cryptographic providers such as Infineon and Intrinsic ID, as well as other Trusted Computing Group members.

Julia Fioretti, reporting for Reuters: European Union data protection watchdogs said on Monday they were still concerned about the privacy settings of Microsoft's Windows 10 operating system despite the U.S. company announcing changes to the installation process. The watchdogs, a group made up of the EU's 28 authorities responsible for enforcing data protection law, wrote to Microsoft last year expressing concerns about the default installation settings of Windows 10 and users' apparent lack of control over the company's processing of their data. The group -- referred to as the Article 29 Working Party -- asked for more explanation of Microsoft's processing of personal data for various purposes, including advertising. "In light of the above, which are separate to the results of ongoing inquiries at a national level, even considering the proposed changes to Windows 10, the Working Party remains concerned about the level of protection of users' personal data," the group said in a statement which also acknowledged Microsoft's willingness to cooperate.

Google and Microsoft pledged on Monday to crack down on sites hosting pirated content that show up on their search engines. In what is being called a first of its kind agreement, Google and Microsoft's Bing will demote U.K. search results of copyright infringing websites. From a report on The Telegraph: The search engine operators have signed up to a clampdown that will see the UK's copyright watchdog monitor the search results they provide for unlawful websites. The agreement follows years of campaigning by record labels and film studios, which have accused Google and Microsoft of turning a blind eye to piracy and dragging their feet over measures to protect copyright online. Under a new voluntary code, the tech giants have committed to demote websites that have repeatedly been served with copyright infringement notices, so that they do not appear on the first page for common searches.

Kim Dotcom -- and Megaupload's programmers Mathias Ortmann and Bram van der Kolk, as well as its advertising manager Finn Batato -- could soon be in a U.S. courtroom. A New Zealand judge just ruled they can all be extradited to the U.S. An anonymous reader quotes Reuters: The Auckland High Court upheld the decision by a lower court in 2015 on 13 counts, including allegations of conspiracy to commit racketeering, copyright infringement, money laundering and wire fraud, although it described that decision as "flawed" in several areas. Dotcom's lawyer Ron Mansfield said in a statement the decision was "extremely disappointing" and that Dotcom would appeal to New Zealand's Court of Appeal.

U.S. authorities say Dotcom and three co-accused Megaupload executives cost film studios and record companies more than $500 million and generated more than $175 million by encouraging paying users to store and share copyrighted material. High Court judge Murray Gilbert said that there was no crime for copyright in New Zealand law that would justify extradition but that the Megaupload-founder could be sent to the United States to face allegations of fraud.
"I'm no longer getting extradited for copyright," Dotcom commented on Twitter. "We won on that. I'm now getting extradited for a law that doesn't even apply.

An anonymous reader writes: "In many cases, your old TV isn't recycled at all and is instead abandoned in a warehouse somewhere, left for society to deal with sometime in the future," reports Motherboard, describing the problem of old cathode-ray televisions and computer monitors with "a net negative recycling value" (since their component parts don't cover the cost of dismantling them). An estimated 705 million CRT TVs were sold in the U.S. since 1980, and many now sit in television graveyards, "an environmental and economic disaster with no clear solution." As much as 100,000 tons of potentially hazardous waste are stockpiled in two Ohio warehouses of the now-insolvent recycler Closed Loop, plus "at least 25,000 tons of glass and unprocessed CRTs in Arizona...much of it is sitting in a mountainous pile outside one of the warehouses."
One EPA report found 23,000 tons of lead-containing CRT glass abandoned in four different states just in 2013.

An anonymous reader quotes KrebsOnSecurity: On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation.

Sergey Vovnenko, a.k.a. "Fly," "Flycracker" and "MUXACC1," pleaded guilty last year to aggravated identity theft and conspiracy to commit wire fraud. Prosecutors said Vovnenko operated a network of more than 13,000 hacked computers, using them to harvest credit card numbers and other sensitive information... A judge in New Jersey sentenced Vovnenko to 41 months in prison, three years of supervised released and ordered him to pay restitution of $83,368.

Separately, a judge in Washington, D.C. handed down a sentence of three year's probation to Eric Taylor, a hacker probably better known by his handle "Cosmo the God." Taylor was among several men involved in making a false report to my local police department at the time about a supposed hostage situation at our Virginia home. In response, a heavily-armed police force surrounded my home and put me in handcuffs at gunpoint before the police realized it was all a dangerous hoax known as "swatting"... Taylor and his co-conspirators were able to dox so many celebrities and public officials because they hacked a Russian identity theft service called ssndob[dot]ru. That service in turn relied upon compromised user accounts at data broker giant LexisNexis to pull personal and financial data on millions of Americans.

An IBM security researcher recently discovered something interesting about smart cars. An anonymous reader quotes CNN: Charles Henderson sold his car several years ago, but he still knows exactly where it is, and can control it from his phone... "The car is really smart, but it's not smart enough to know who its owner is, so it's not smart enough to know it's been resold," Henderson told CNNTech. "There's nothing on the dashboard that tells you 'the following people have access to the car.'" This isn't an isolated problem. Henderson tested four major auto manufacturers, and found they all have apps that allow previous owners to access them from a mobile device. At the RSA security conference in San Francisco on Friday, Henderson explained how people can still retain control of connected cars even after they resell them.

Manufacturers create apps to control smart cars -- you can use your phone to unlock the car, honk the horn and find out the exact location of your vehicle. Henderson removed his personal information from services in the car before selling it back to the dealership, but he was still able to control the car through a mobile app for years. That's because only the dealership that originally sold the car can see who has access and manually remove someone from the app.
It's also something to consider when buying used IoT devices -- or a smart home equipped with internet-enabled devices.