Tag Archives: Legal Issues

Should US Border Cops Need a Warrant To Search Devices?

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/nkJXOQKsHkU/

The answer from me is, OF COURSE, f&ck yes. They can’t search your home, car and anywhere else in the country, they would need a warrant to search devices too. A case by the EFF (Electronic Frontier Foundation) is heading to the Fifth Circuit Court of Appeals in the US to find out what should […]

The post Should US Border Cops Need a…

Read the full post at darknet.org.uk

US Voting Machines Hacked At DEF CON – Every One

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/2jfq8D4XaNo/

US Voting Machines Hacked, some in minutes at this year’s DEF CON “Voting Village” – not something you want to hear really. Especially with the results of recent elections that the World is currently dealing with the consequences from. Of course with physical access, most machines can be dominated in some way or another – […]

The post US…

Read the full post at darknet.org.uk

DJI Firmware Hacking Removes Drone Flight Restrictions

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/WrLMjVOTRig/

Drones have been taking over the world, everyone with a passing interest in making videos has one and DJI firmware hacking gives you the ability to remove all restrictions (no-fly zones, height and distance) which under most jurisdictions is illegal (mostly EU and FAA for the US). It’s an interesting subject, and also a controversial…

Read the full post at darknet.org.uk

Fake News As A Service (FNaaS?) – $400k To Rig An Election

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/UqEqmi9y3oY/

This is pretty interesting, the prices for Fake News as a Service have come out after some research by Trend Micro, imagine that you can create a fake celebrity with 300,000 followers for only $2,600. Now we all know this Fake News thing has been going on for a while, and of course, if it’s […]

The post Fake News As A Service (FNaaS?)…

Read the full post at darknet.org.uk

UK Schedule 7 – Man Charged For Not Sharing Password

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/aGBaFnpXHK4/

Finally UK Schedule 7 of the Terrorism Act 2000 is finally being enacted and is no longer an idle threat, so be aware it’s not only the USA that has these kind of draconian laws. A man who refused to share his phone and laptop passwords has been charged under Schedule 7, which is pretty […]

The post UK Schedule 7 – Man Charged For Not…

Read the full post at darknet.org.uk

Reading Analytics and Privacy

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/04/reading_analyti.html

Interesting paper: “The rise of reading analytics and the emerging calculus of reading privacy in the digital world,” by Clifford Lynch:

Abstract: This paper studies emerging technologies for tracking reading behaviors (“reading analytics”) and their implications for reader privacy, attempting to place them in a historical context. It discusses what data is being collected, to whom it is available, and how it might be used by various interested parties (including authors). I explore means of tracking what’s being read, who is doing the reading, and how readers discover what they read. The paper includes two case studies: mass-market e-books (both directly acquired by readers and mediated by libraries) and scholarly journals (usually mediated by academic libraries); in the latter case I also provide examples of the implications of various authentication, authorization and access management practices on reader privacy. While legal issues are touched upon, the focus is generally pragmatic, emphasizing technology and marketplace practices. The article illustrates the way reader privacy concerns are shifting from government to commercial surveillance, and the interactions between government and the private sector in this area. The paper emphasizes U.S.-based developments.

Shadow Brokers Release Dangerous NSA Hacking Tools

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/C7Uj-fd-nmk/

It’s not the first time Shadow Brokers has been on the radar with NSA Hacking Tools, in August 2016 they exposed a bunch of 0-day exploits (also from 2013). This cache of tools appears to be from 2013, so was properly snatched during the same intrusion. This is somewhat more dangerous though as it provides […]

The post Shadow Brokers…

Read the full post at darknet.org.uk

Prisoners Hack Prison From Inside Prison

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/YTDOBPW2iiM/

Prisoners Hack Prison! Sounds exciting right? This time it’s actually pretty entertaining with the prisoners managing to hack a prison network from INSIDE the prison using scavenged PC parts from a rehabilitation class. Some pretty resourceful guys managing to build 2 functional PCs from scrapped parts AND connect to the prison network AND try and…

Read the full post at darknet.org.uk

European Commission Pushing For Encryption Backdoors

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/ocno8CjeP-U/

The debate surrounding encryption backdoors has been raging on for years with governments (that typically don’t really understand the things they are pushing for) requesting all software have government ‘secured’ backdoor keys. This is now getting more serious in Europe with the EC actually forcing the issue (in a passive aggressive kind of way…

Read the full post at darknet.org.uk

WikiLeaks Exposes Massive CIA Leak Including Hacking Tools

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/HOArkGLZ1Es/

WikiLeaks has dropped another massive bomb called “Vault7“, basically a massive CIA leak which covers documents, correspondence, hacking tools, exploits and much more. It details sophisticated software tools and techniques used by the agency to break into smartphones, computers and even Smart TVs. The first installment published already contains…

Read the full post at darknet.org.uk

Visiting The States? Have Your Passwords Ready

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/2C5fmxex5gw/

There’s been a lot of buzz about this on Twitter, if you’re visiting the states anytime soon you might want to have your social media login credentials handy – as they might be requesting them at the border. I find the whole thing rather contrived though as I use 2FA for everything, so they are […]

The post Visiting The States? Have Your…

Read the full post at darknet.org.uk

Top 10 FOSS legal stories in 2016 (opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/714719/rss

Mark Radcliffe surveys
the most important legal issues
surrounding free and open-source
software on opensource.com. “The challenge for the Linux community
is to decide when to bring litigation to enforce the GPLv2. What it means
in many situations is that to be compliant is currently left to individual
contributors rather than being based on a set of community norms. As
Theodore Ts’o noted, this issue really concerns project
governance. Although permitting individual contributors to make these
decisions may be the Platonic ideal, the tradeoff is ambiguity for users
trying to be compliant as well as the potential for rogue members of the
community (like McHardy) to create problems. The members of the Linux
community and other FOSS communities need to consider how they can best
assist the members of their community to understand what compliance means
and to determine when litigation might be useful in furtherance of the
community’s goals.

Dark Web Paying Corporate Workers To Leak Info

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/zVyI8cb3Wrs/

This is not particularly new news, but the Dark Web paying corporate workers to leak info – especially pertaining to stock prices (earnings reports etc) is setting the mainstream news on fire at the moment. It’s also funny because people constantly contact us asking questions about the ‘Dark Web’ aka the ‘Dark Net’ which happens […]

The…

Read the full post at darknet.org.uk

UK Encryption Backdoor Law Passed Via Investigatory Powers Act

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/mYvV-ZzHN1k/

The latest news out of my homeland is not good, the UK encryption backdoor law passed via Investigatory Powers Act or the IPA Bill as it’s commonly known. And itself was passed through a kind of backdoor route, which avoided the scorn of the public. Which was good for the lawmakers, but not for the […]

The post UK Encryption Backdoor Law…

Read the full post at darknet.org.uk

UK Teen Earned More Than US$385,000 From DDoS Service

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/bDlQBstACiQ/

Another DDoS service down after the owner got busted, this time a UK teenager who created the service called Titanium Stresser when he was just 15. Not long ago we wrote about the two Israeli guys who got busted for running the VDoS-s.com DDoS Service. There seems to be a bit of a crack down […]

The post UK Teen Earned More Than US$385,000…

Read the full post at darknet.org.uk

Why Professional Open Source Management is Critical for your Business

Post Syndicated from mikesefanov original https://yahooeng.tumblr.com/post/152340372151

By Gil Yehuda, Sr. Director of Open Source and Technology Strategy

This byline was originally written for and appears in CIO Review

In his Open Source Landscape keynote at LinuxCon Japan earlier this year, Jim Zemlin, Executive Director of the Linux Foundation said that the trend toward corporate-sponsored open source projects is one of the most important developments in the open source ecosystem. The jobs report released by the Linux Foundation earlier this year found that open source professionals are in high demand. The report was followed by the announcement that TODOGroup, a collaboration project for open source professionals who run corporate open source program offices, was joining the Linux Foundation. Open source is no longer exclusively a pursuit of the weekend hobbyist. Professional open source management is a growing field, and it’s critical to the success of your technology strategy.

Open Source Potential to Reality Gap

Open source has indeed proven itself to be a transformative and disruptive part of many companies’ technology strategies. But we know it’s hardly perfect and far from hassle-free. Many developers trust open source projects without carefully reviewing the code or understanding the license terms, thus inviting risk. Developers say they like to contribute to open source, but are not writing as much of it as they wish. By legal default, their code is not open source unless they make it so. Despite being touted as an engineering recruitment tool, developers don’t flock to companies who toss the words “open source” all over their tech blogs. They first check for serious corporate commitment to open source.

Open source offers potential to lower costs, keep up with standards, and make your developers more productive. Turning potential into practice requires open source professionals on your team to unlock the open source opportunity. They will steer you out of the legal and administrative challenges that open source brings, and help you create a voice in the open source communities that matter most to you. Real work goes into managing the strategy, policies, and processes that enable you to benefit from the open source promise. Hence the emerging trend of hiring professionals to run open source program offices at tech companies across the industry.

Getting the Program off the Ground

Program office sounds big. Actually, many companies staff these with as few as one or two people. Often the rest is a virtual team that includes someone from legal, PR, developer services, an architect, and a few others depending on your company. As a virtual team, each member helps address the areas they know best. Their shared mission is to provide an authoritative and supportive decision about all-things open source at your company. Ideally they are technical, respected, and lead with pragmatism – but what’s most important is that they all collaborate toward the same goal.

The primary goal of the open source program office is to steer the technology strategy toward success using the right open source projects and processes. But the day-to-day program role is to provide services to engineers. Engineers need to know when they can use other people’s code within the company’s codebase (to ‘inbound’ code), and when they can publish company code to other projects externally (to ‘outbound’ code). Practical answers require an understanding of engineering strategy, attention to legal issues surrounding licenses (copyright, patent, etc.), and familiarity with managing GitHub at scale.

New open source projects and foundations will attract (or distract) your attention. Engineers will ask about the projects they contribute to on their own time, but in areas your company does business. They seek to contribute to projects and publish new projects. Are there risks? Is it worth it? The questions and issues you deal with on a regular basis will help give you a greater appreciation for where open source truly works for you, and where process-neglect can get in the way of achieving your technology mission.

Will it Work?

I’ve been running the open source program office at Yahoo for over six years. We’ve been publishing and supporting industry-leading open source projects for AI, Big Data, Cloud, Datacenter, Edge, Front end, Mobile, all the way to Zookeeper. We’ve created foundational open source projects like Apache Hadoop and many of its related technologies. When we find promise in other projects, we support and help accelerate them too, like we did with OpenStack, Apache Storm and Spark. Our engineers support hundreds of our own projects, we contribute to thousands of outside projects, and developers around the world download and use our open source code millions of times per week! We are able to operate at scale and take advantage of the open source promise by providing our engineers with a lightweight process that enables them to succeed in open source.

You can do the same at your company. Open source professionals who run program offices at tech companies share openly – it comes with the territory. I publish answers about open source on Quora and I’m a member of TODOGroup, the collaboration project managed by the Linux Foundation for open source program directors. There, I share and learn from my peers who manage the open source programs at various tech companies.

Bottom line: If you want to take advantage of the value that open source offers, you’ll need someone on your team who understands open source pragmatics, who’s plugged into engineering initiative, and who’s empowered to make decisions. The good news is you are not alone and there’s help out there in the open source community.

Massive Yahoo Hack – 500 Million Accounts Compromised

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/r3NKnv_5YDI/

So if you are a Yahoo user (which most of us probably have been at some point) you will be aware of the Yahoo Hack – with 200 Million e-mail addresses being up for sale on the black market it seems up to 500 million have been compromised in one of the biggest hacks yet. […]

The post Massive Yahoo Hack – 500 Million Accounts…

Read the full post at darknet.org.uk

Two Israeli Men Arrested For Running VDoS-s.com DDoS Service

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/omE-YkT-2F0/

DDoS or Booter services have been around for a while, but VDoS-s.com was a particularly slick (and shameless) one with a content marketing strategy and active social media accounts. Two Israeli men were arrested for running the service after ironically being hacked by a security researcher. They called their service a ‘Stresser’ and claimed to…

Read the full post at darknet.org.uk

Criminal Rings Hijacking Unused IPv4 Address Spaces

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/kpnWMV__skk/

So apparently this Hijacking Unused IPv addresses has been going on for a while, but with quite a lot number of attempts recently it’s ramped up a LOT since the September announcement by ARIN about IPv4 depletion. There was only only 50 hijacking attempts between 2005 and 2015. Since September, ARIN has already seen 25 […]

The post Criminal…

Read the full post at darknet.org.uk

The Panama Papers Leak – What You Need To Know

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/SPqd2S03BBo/

The HUGE news this week is the Panama Papers leak, a massive cache of 11.5 million documents leaked to a German Newspaper (Süddeutsche Zeitung) in August 2015. It’s one of the most significant data leaks of all time and Edward Snowden has labelled it as “the biggest leak in the history of data journalism”. It’s […]

The post The Panama…

Read the full post at darknet.org.uk