Supreme Court considers if your privacy rights include location data
With all the attention focused on the FCC’s upcoming vote to dismantle net neutrality protections, it’s easy to have missed an upcoming hearing that has the potential to reshape electronic-privacy protection. Today, the Supreme Court is hearing arguments in Carpenter v. United States — and at issue is cellphone-tower location data that law enforcement obtained without a warrant.
Defendant Timothy Carpenter, who was convicted as the mastermind behind two years of armed robberies in Michigan and Ohio, has argued that his location data, as gathered by his cellphone service provider, is covered under the Fourth Amendment, which protects citizens against “unreasonable searches and seizures.” Thus far, appeals courts have upheld the initial decision that law enforcement didn’t need a warrant to acquire this data, so the Supreme Court is now tasked with determining whether this data is deserving of more-rigorous privacy protection.
This case has been going on for years, so let’s get some background details out of the way. Amy Howe, formerly a reporter and editor for SCOTUSblog, describes how law enforcement asked cellphone service providers for details on 16 phone numbers tied to the crimes, including Carpenter’s number and that of a co-defendant. That data included months of cell-site-location information (CSLI) that shows precise GPS coordinates of cellphone towers plus the date and time that a phone tried to connect to the tower in question. The FBI used this to create a map of where the phone and its owner were at any given time. The FBI received multiple months of data, not just data for the days, and was never asked to produce a warrant.
The FBI’s explanation, which the courts have thus far backed up, relies on a legal principle known as the third-party doctrine. Jennifer Lynch from the Electronic Frontier Foundation explains that the third-party doctrine states that information you voluntarily share with “someone else” isn’t protected by the Fourth Amendment, because third parties aren’t legally bound to keep the info you shared with them private. And the definition of “someone else” is quite broad — in this case, the courts view the data that cellphone providers collect as something customers are voluntarily sharing, simply by using their services.
Carpenter has argued that the third-party doctrine was not intended to be applied to things like cellphones. That’s largely because the legal backing of the third-party doctrine is based on two Supreme Court cases from the 1970s, years before the first cellphone even went on sale to the public. Simply put, the way courts are ruling on third-party doctrine doesn’t make sense in an age when so much sensitive information is bound up in our cellphones.
There’s also a 2012 Supreme Court case that could back up Carpenter’s argument. In United States v. Jones, the Supreme Court unanimously ruled that it was a Fourth Amendment violation to attach a GPS unit to a car without a search warrant. The FBI had planted the GPS onto a car parked on private property and used it to track its position every 10 seconds for a full month. That’s more granular than the location info you get from a cellphone, but the cases do have some similarities.
After the court’s decision, Justice Sonia Sotomayor wrote that the third-party doctrine was “ill suited to the digital age” and expressed her opinion that privacy case law was failing to keep up with the rapid changes that smartphones and other technology are making to how we as a society view privacy. “People disclose the phone numbers that they dial or text to their cellular providers, the URLS that they visit and the e-mail addresses with which they correspond to their Internet service providers, and the books, groceries and medications they purchase to online retailers,” she wrote. “I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection.”
Some of the world’s biggest tech companies, including Apple, Facebook, Microsoft, Google, Twitter and even Verizon agree with Sotomayor. In August, a total of 15 companies filed an amici curiae brief related to the Carpenter case in which they argue that “fourth amendment doctrine must adapt to the changing realities of the digital era” and that “rigid analog-era rules should yield to consideration of reasonable expectations of privacy in the digital age.” Of course, this argument may not win over the Supreme Court, but its ruling in the 2012 GPS case shows that the justices could be in favor of stronger privacy protection.
Unfortunately for those who believe in expanded privacy rights, lower courts have so far sided with the third-party doctrine when it comes to CSLI. Lynch writes that “five federal appellate courts, in deeply divided opinions, have held that historical CSLI isn’t protected by the Fourth Amendment — in large part because the information is collected and stored by third-party service providers.” We’ll find out soon whether the Supreme Court is ready to break with those past rulings, a move that could lead both to freedom for Timothy Carpenter and a new precedent for privacy in the age of the smartphone.
Apple fixes macOS bug allowing full access without a password (updated)
It didn’t take long for Apple to patch that nasty macOS High Sierra flaw that let intruders gain full administrator access (aka root) on your system. The company has released Security Update 2017-001, which should prevent people from gaining control over a Mac just by putting “root” in the username and hitting the Return key a few times. Needless to say, you’ll want to apply this fix as soon as you can if you’re running Apple’s latest desktop OS.
The practical threat of this exploit is fairly low, as it requires that someone have physical access to your Mac. You could also thwart it by setting a root password. The concern, of course, is that this is a disconcertingly simple trick — it wouldn’t take much for someone to access your unattended MacBook in a coffee shop. As good as it is that Apple is fixing the bug quickly, it ideally wouldn’t have been there in the first place.
Update: Apple has issued a statement on the patch. It has apologized for the flaw, noting that “customers deserve better,” and is reviewing its “development processes” to prevent a repeat. Also, you’ll soon have this update as a matter of course: Apple will automatically install it on all systems running macOS 10.13.1 sometime later today. You can read the full statement below.
“Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
“When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
“We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.”
Source: Apple
Apple sues Qualcomm for violating chip patents
The patent lawsuit battle between Apple and Qualcomm isn’t about to cool down any time soon. Apple has countersued Qualcomm, alleging that older Snapdragon chips (the 800 and 820) violate eight or more patents for power management in processors. It’s keen to point out that this technology predates that from a relevant Qualcomm suit, claiming that it pursued these patents “years” before the ones Qualcomm is wielding in its own case. Apple is pushing for unspecified damages.
It’s no secret that the suit serves as a bargaining chip. While the CPUs in question aren’t being sold in as high volumes as they would have been a year ago, this could still put a dent in Qualcomm’s bottom line if it’s successful — and of course, if it moves quickly enough for the Snapdragon models to still be relevant. Patent suits can take years, by which point the victory is more symbolic than practical.
Apple began the patent dispute at the start of 2017 when it sued Qualcomm for allegedly charging unfair royalties for tech it reportedly had “nothing to do with.” Qualcomm shot back with lawsuits targeting the iPad and iPhone. It’s not clear who (if anyone) is likely to win at this point, but Apple might have the edge: Qualcomm has already faced multiple claims of anti-competitive behavior over royalties, including an ongoing lawsuit from the FTC. It may be harder for Qualcomm to stake out the moral high ground if courts believe it’s pressing companies into unfair deals.
Source: Reuters
Intel wants to make your autonomous car rides more entertaining
Once autonomous cars can routinely take over the monotonous, minute-to-minute responsibilities of actually driving, what are their human passengers supposed to do with themselves? Well, if Intel has any say, people will spend their trips being immersed in interactive fantasy lands.
To that end, Intel announced on Wednesday at the 2017 LA Auto Show that it will partner with Warner Bros. to develop “in-cabin, immersive experiences in autonomous vehicle (AV) settings,” according to the company’s press release. They’re calling it the AV Entertainment Experience. Essentially, not only will passengers be able to watch movies, TV shows or play games on their mobile devices while their autonomous vehicles are driving, they’ll eventually engage with fully immersive VR and AR experiences as well.
“For example, a fan of the superhero Batman could enjoy riding in the Batmobile through the streets of Gotham City, while AR capabilities render the car a literal lens to the outside world,” Intel CEO Brian Krzanich wrote, “enabling passengers to view advertising and other discovery experiences.” We get to watch immersive advertisements during long car rides? Oh boy!
There’s no set timetable for when these sorts of systems will actually make it into tomorrow’s autonomous vehicles. Intel and Warner Bros plan to first install a prototype of the AVEE into one of their 100-car test fleet and develop it from there.
Source: Intel
BMW debuts its i8 Roadster for top-down green driving
The i series vehicles has been BMW’s electrified brand on the road since 2014. The i3 is the pure-electric urban bubble vehicle while the supercar-styled i8 is the hybrid of the pair. But beyond sharing similar design cues and a TRON-inspired paint job, the two vehicles couldn’t be further from each other. At the 2017 LA Auto Show, the automaker placed even more space between the cars with the new 2019 convertible and coupe i8s.
Under the hood of the 2019 all-wheel drive i8s are two electric motors and a three-cylinder turbocharged engine. Just like the previous version of the car. But BMW was able to optimize its eDrive tech to get more power and range out of the car. The 2019 models squeeze 18 miles of pure EV range out of the car thanks to the new 11.6kWh battery pack. Up from the 12 miles available from the old 7.1kWh battery. The automobiles also get an additional 12 horsepower out of the system bringing it up the total to 369 horsepower.
Both cars also get 70 miles per-gallon equivalent according to BMW. But that could change pending EPA tests.
Other than two new colors (E-Copper and Donnington Grey) and a badge behind the doors, the Coupe looks pretty much like its predecessor. If you really want to make sure your new i8 sticks out from the pack, you have to go with the new Roadster. It looks cooler (because convertibles always look cooler) and the electric convertible soft top opens in under 16 seconds at speeds up to 31 miles per-hour according to BMW.
Of course you’re going to need to make sure you’re making some serious cash to afford either version of the i8 with a street price expected to be north of $150,000. Final pricing will be announced later.
Both low slung cars appeared onstage alongside the North American debut of the BMW i Vision Dynamics that was introduced at the Frankfurt Auto Show a few months ago. The cars along with the i3s are part of the automakers commitment to have 12 electric cars by 2025. “For us, electric mobility is the new normal,” said Klaus Frohlich, member of the board of management at BMW AG and development during the BMW press conference.
That’s part an aggressive short-term goal to introduce 40 cars in the next two years. The highest number of vehicles introduced in a two year period by the automaker in its over 100 year history. BMW is going to be extremely busy over the next couple years.
Over half of FCC net neutrality comments may be fake, study says
The FCC’s proposal to roll back net neutrality protections was up for public comment between April 27th and August 30th and while nearly 22 million comments were submitted, there’s been a bit of discussion surrounding who or what registered those comments and how accurately they reflect the public opinion of the plan. The Pew Research Center looked into those millions of comments and it published its findings today. Overall, the center found that very few comments were unique, more than half came from temporary or duplicate email addresses and on multiple occasions, tens of thousands of comments were filed at the exact same time, suggesting use of bot campaigns.
The FCC’s comment system was supposed to use a verification process that would confirm users’ email addresses were legitimate. However, Pew’s research could only confirm that just three percent of comments were validated in this way. Around 57 percent of comments used temporary email addresses or an email address linked to at least one other comment and in many cases, comment submissions listed fake email addresses. For instance, example@example.com was used over 7,500 times and over 9,100 email addresses didn’t include the “@” sign. Ten percent of comments didn’t even have an email address listed. Additionally, thousands of comments weren’t registered to legitimate names. The number one most common name, Pew found, was “Net Neutrality,” followed by “The Internet” and “Pat M.”
The report also notes that only six percent of comments were unique. Of the other 94 percent, many came from form posts provided by websites like battleforthenet.com and groups like Taxpayers Protection Alliance. However, others appeared to be generated by automated processes, like bot campaigns. On over 100 occasions, 25,000 or more comments were submitted at the exact same time and on nine occasions, 75,000 or more submissions were registered simultaneously. The biggest instance of this saw over 475,000 comments submitted at the exact same second.
Further, aside from pro- or anti-net neutrality comments — wherever they originated from — there were also a few very off-topic comments. A few dozen referenced Bee Movie, some even contained parts of the movie’s script. Over 100 were made up of mostly non-alphanumeric characters. And others featured short messages like “cat videos,” “google it,” “SAD!” and “!!!!!!!!!!!!!!!!!!!!!!!!!”
Others have looked into the makeup of these comments as well. Data scientist Jeff Kao recently released his own study that found at least 1.3 million anti-net neutrality comments registered with the FCC were fake and came from a single central source. He also found that just 800,000 of the 22 million total comments were likely to be original and that 99 percent of them supported net neutrality.
“The Center’s analysis of these submissions finds that the comments present challenges to anyone hoping to understand the attitudes of the concerned public regarding net neutrality,” the Pew Research Center concludes. “It also highlights the ways in which individuals and groups are using modern digital tools to engage in the long-standing practice of speaking out in order to influence government policy decisions.”
Via: Reuters
Source: Pew Research Center
The 2018 CLS will be Mercedes’ smartest coupe yet
Mercedes showed off its 2018 CLS coupe at the 2017 Los Angeles Auto Show on Wednesday. In addition to its sleek styling and five full seats, the car will offer a number of autonomous driver assist features that have, until now, been reserved for the company’s higher-end models.
The 2018 CLS will offer a variety of active driver assist functions including Mercedes’ Distronic smart cruise control system which maintains the vehicle’s distance from the one in front of it as well as adjust its speed based on the route and posted speed limits. What’s more, it will assist with both changing lanes and staying in your current one by leveraging the car’s multiple cameras and radar system.
The Distronic system really shines when it comes to crashing. Should the driver have a medical emergency on the road, the system will autonomously bring the car to a full stop in its lane and even unlock the doors to help first responders get in faster.
Should the car detect an incoming collision from the rear or side, it will activate the Pre-Safe system to minimize the damage to its occupants. The Distronic system will also help keep pedestrians safe thanks to its evasive steering assist feature, which boosts the steering torque should the system detect the driver attempting to dodge a pedestrian.
The CLS will offer a 362 HP, 3.0 inline six turbo engine with an integrated starter generator, enabling the car to silently turn off and restart its engine at stops and in traffic to reduce emissions and fuel use. There’s no price set for it yet, but the new CLS should hit dealer showrooms by Fall of 2018.
The company also announced on Wednesday that it plans to electrify its lineup by 2022 as part of its EQ program. The company expects to have at least one electric-powered version of each vehicle model available by that time.
What’s more, Tobais Moers, Chairman of AMG, revealed the company’s Project ONE supercar. It’s billed as the world’s first street legal Formula 1 vehicle. It features a 6-liter V6, “taken straight from F1 program,” according to Moers. The ONE spins up to 11,000 RPM, boasts 1000-plus horsepower and a top speed in excess of 217 MPH. The ONE manages this thanks to an electrically-induced turbocharger, which provides a nearly instantaneous power boost. 120kW electric motors on both front wheels provide the ONE with all-wheel drive.
Facebook is testing a ‘breaking news’ tag for developing stories
Facebook will set a cookie to keep you logged in, but it won’t set one to remember whether you want to stick with a chronological News Feed. That sort of thing makes it hard to tell at a glance how old a story from a media outlet in your Feed might be. To counter that, the social network is giving certain publications access to a “breaking” tag for their posts. The bright red tag sits below a post’s image and highlights how long ago it was published. Recode writes that publishers will be able to flag a story for between 15 minutes and six hours, and that it can be used once every 24 hours.
For now, the list of publishers who can use it is small and includes ABC News and Vox Media, and Facebook is keeping the full list of media organizations involved close to the chest. The breaking tag won’t weight a post’s ranking within Facebook’s algorithms. At least not yet. A spokesperson told Recode that part of the test was to decide whether or not a breaking news story should have preference over other posts in the News Feed.
Facebook has been working with news organizations on different ways to post, host and promote their stories for awhile. Instant Articles, for example, were fast-loading versions of news stories hosted by Facebook, made their debut a few years ago. Then there’s the split News Feed that keeps posts from Pages and friends siloed off from each other, and the Explore Feed. We’ve reached out to Facebook for more information and will update this post should it arrive.
Source: Recode
Apple Releases macOS High Sierra Security Update to Fix Root Password Vulnerability
Apple today released Security Update 2017-001 to fix a serious vulnerability that enables access to the root superuser with a blank password on any Mac running macOS High Sierra version 10.13.1.
The critical bug, which gained attention after it was tweeted by developer Lemi Ergin yesterday, lets anyone gain administrator privileges by simply entering the username “root” and a blank password in System Preferences > Users & Groups.
The security update is rolling out on the Mac App Store now, and it should be installed by all users running macOS High Sierra as soon as possible. Regardless, starting later today, Apple said the security update will be automatically installed on all Macs running macOS High Sierra 10.13.1.
Apple has since apologized for the vulnerability in a statement obtained by MacRumors:
Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
The vulnerability does not affect macOS Sierra or any other previous version of the operating system.
Discuss this article in our forums
New Sports Section Goes Live in Apple’s TV App in iOS 11.2 and tvOS 11.2
Apple this morning launched a new Sports section in its TV app, which appears to be available on devices running iOS 11.2 and tvOS 11.2. Sports can be accessed through the new dedicated Sports tab at the bottom of the app, located next to the “Watch Now” button.
First announced in September, the TV app’s Sports section is designed to allow users to watch live sports games through integration with ESPN. Right now, ESPN appears to be the only app offering content through the TV app’s Sports category, but additional Sports-oriented apps could offer support in the future.
Right now, since it’s basketball season and there are several basketball games this afternoon, the TV app focuses heavily on basketball content. There are links to NBA games, men’s college basketball, and women’s college basketball, along with re-aired content and separate browsing sections for football and rugby.
Apple plans to change the focus of the app regularly to highlight relevant sports games that are upcoming, so when there are football games on, football will be more heavily prominent.
In a “Favorites” section of the app, there’s an option to pick all of your favorite MLB, NFL, NBA, NHL, MLS, and other teams, which will tailor the content displayed in the app to your interests. The TV app will also send out notifications when important games you’re interested in are airing, and those notification options can be customized in the Notifications section of the Settings app. You can also choose whether or not to display live sports scores in the TV section of the Settings app.
Beta testers who are running iOS 11.2 or tvOS 11.2 should be able to access the new Sports portion of the TV app starting today.
Related Roundups: Apple TV, iOS 11Buyer’s Guide: Apple TV (Buy Now)
Discuss this article in our forums
AIVAnet 