Feed aggregator

Fedora is on diaspora*

LXer -

Diaspora is a distributed social networking platform comprised of nodes, called pods. These pods are linked together to allow users to connect seamlessly. This idea is different from the traditional social network, where user data is centralized and controlled by a single entity. diaspora is also free as in speech, so you can use it however you like. diaspora* also values your privacy.

Will Rhode Island Double Down on the CFAA's Faults?

EFF's Deeplinks -

Security research could earn you a prison sentence if this bill passes.

Legislators in Rhode Island have advanced a dangerous bill that would duplicate and exacerbate the faults of the federal Computer Fraud and Abuse Act (CFAA). Four organizations joined EFF this week in signing a letter and supporting memo to state legislators explaining the bill's faults and why it should not pass.

In addition to threatening innocent activities like security research, whistleblowing in the public interest, and anyone who violates a corporate Terms of Service (TOS) agreement to access confidential information, the bill would place enormous power in the hands of prosecutors, impose steep criminal penalties without even requiring an intent to obtain financial gain, and compound the problematic vagueness of terms in existing Rhode Island state law.

Rhode Island House Bill 7406 Substitute A, and companion Senate Bill 2584, would create a new offense of "unauthorized access to confidential information" under the state's existing computer crime statute. According to the bill's proponents, it aims to punish and deter the commercially motivated theft of trade secrets.

Yet under the proposal, severe legal penalties would threaten any number of activities well beyond the theft of trade secrets for commercial gain.

Among the bill's many fault's, the first and foremost is its duplication of existing laws which already address this issue by criminalizing "intentional access" to computer information. There has been no independent showing that previously enacted laws have proven inadequate to protect confidential data.

Moreover, the proposed new crimes would not require prosecutors to prove that a defendant intentionally aimed to steal or monetize commercial secrets. Instead, they would apply to anyone who intends to "view...copy, or download" information that turns out to be confidential, including academic researchers, security researchers, or corporate whistleblowers who act in the public interest. The bill's overbroad state-of-mind provisions threaten innocent activity.

Two sets of terms within the proposed law are especially overbroad.

For instance, it criminalizes anyone who accesses information "without authority," which sweeps broadly and could encompass anyone who violates a corporate Terms of Service ("TOS") agreement. But violations of TOS agreements are ubiquitous, often harmless, and rendering them subject to criminal penalties would unnecessarily restrain the way innocent people use online services.

In addition, the term "access" under Rhode Island state law has been defined to include "approach and communicate with," in sharp contrast to a more traditional definition that would require actually "gaining access to" data that is meaningfully protected. It makes no sense for a computer crime bill to threaten anyone who merely "communicate[s] with" a data source, whatever their intention.

Similarly, the bill protects any data that is "protected by disclosure," without requiring that those protections be effective or meaningful. Under the bill's proposed terms, an Internet user could risk a felony charge by simply accessing an otherwise public link that had not been published. Data so priceless that its owners take no active steps to secure it should not be deemed so sensitive that people who do access it should face criminal penalties.

A more sensible way to define unauthorized access would be to limit the scope of a proposed criminal act to include only efforts to intentionally circumvent effective code-based restrictions on access. This is important to protect people whose innocent actions would place them at legal risk under the bill's current definitions.

This is especially important because the proposed penalties are severe: violations of the proposed Rhode Island law would carry a five year prison term, potentially "stackable" with violations of a substantially similar existing law for a total of 10 years.

Should the law force a security researcher working to protect user privacy to risk being ordered to serve a 10 year prison sentence? Of course not.

We hope that the Rhode Island state House rejects the bill despite the Judiciary Committee's approval, and that the Senate rejects the proposal as it deserves.


Share this: Join EFF

Unixstickers Gives Back to FOSS Projects

LXer -

Are you one of those people who likes to use your laptop as a billboard to announce to the world that you’re a Linux user? Do you feel compelled to plaster stickers all over the outside, letting everyone know your favorite distro, some of your favorite FOSS programs or even a favorite programming or scripting language? Do you find yourself wishing there was an easy way to cover up the Windows key on your PC’s keyboard with something that actually represents an operating system you use?

Researchers Teaching Robots To Feel and React To Pain

Slashdot -

An anonymous reader writes: Researchers from Leibniz University of Hannover in Germany are developing what they call an "artificial robot nervous system" that would allow robots to "feel" pain and react accordingly so they can avoid potential damages to their components. According to IEEE, the system uses a "nervous robot-tissue model that is inspired by the human skin structure" to measure different pain levels and move the robot in a way that prevents damaging interactions. [The model transmits pain information in repetitive spikes if the force exceeds a certain threshold, and the pain controller reacts after classifying the information into light, moderate, or severe pain.] Johannes Kuehn, one of the researchers, argues that in addition to avoiding potential damages to their components, robots will be protecting humans as well, since a growing number of them will be operating in close proximity to human workers. Kuehn, who worked on the project with Professor Sami Haddadin, reasoned that if our biological mechanisms to sense and respond to pain are so effective, why not devise a bio-inspired robot controller that mimics those mechanisms?

Read more of this story at Slashdot.

Pages

Subscribe to debianHELP aggregator