Month: May 2016

(credit: Axanar Productions)

On Monday, a Los Angeles-based US District Court judge ruled that Axanar Productions, a crowd-funded Star Trek fanfiction production company, would have to face a copyright infringement lawsuit (PDF) from CBS and Paramount, which own the rights to the Star Trek TV and film franchise.

In a blog post about the upcoming trial dates, leader of Axanar Productions Alec Peters seemed undeterred by the news, writing, "I am happy to say our trial got moved up to January 31, 2017... That means, we could win this case and have Axanar back in production in March, 2017. Yes, we will finish Axanar!"

Axanar Productions, which has already produced a short film called Prelude to Axanar and has plans to make a high-quality feature film simply called Axanar, argued in its motion to dismiss that CBS and Paramount's copyright infringement claims are too vague. The production company also contended that some of CBS and Paramount's claimed copyrighted elements, including costumes, the Starlet insignia, the Klingon language, and the “mood or theme” of Star Trek, were not protected by copyright law.

Alphabet Chairman Eric Schmidt at an event in 2015. Schmidt took the stand in San Francisco today in the second Oracle v. Google trial. (credit: SeongJoon Cho/Bloomberg via Getty Images)

SAN FRANCISCO—Alphabet Chairman and former Google CEO Eric Schmidt testified in a federal court here today, hoping to overcome a lawsuit from Oracle accusing his company of violating copyright law.

During an hour of questioning by Google lawyer Robert Van Nest, Schmidt discussed his early days at Google and the beginnings of Android. Everything was done by the book, Schmidt told jurors, emphasizing his positive relationship with Sun Microsystems and its then-CEO Jonathan Schwartz.

Schmidt himself used to work at Sun Microsystems after getting his PhD in computer science from UC Berkeley in 1982. Schmidt was at Sun while the Java language was developed.

Disney may be enjoying a renaissance as the popular cross-media publisher of everything from Star Wars to Inside Out to Captain America. That list won't include video games anymore. The company just announced it will be shutting down its Disney Infinity line of games and associated collectible toys, and it will be ending its "self-published console games business" altogether.

Disney Infinity Senior VP and General Manager John Blackburn said in a surprise announcement today that "we have made the difficult decision to discontinue production of Disney Infinity. From the beginning, Disney Infinity was built for you—our fans—and I wanted to take a moment to thank you not just for your support over the years, but for creating a community that made Disney Infinity more than just a game." Blackburn promised that there would be two final retail releases of Infinity toy playsets in the next two months, before the line is shut down entirely.

In an earnings report today, Disney said it will write down a $147 million charge in connection with the shutdown of its console business, largely due to Infinity. The company's latest earnings report cites "lower results for Infinity" as part of the reason for a slight decrease in revenues and income from its Consumer Products & Interactive Media division.

Enlarge (credit: Ron Amadeo)

For years, critics have bemoaned the sad state of security updates available to hundreds of millions of owners of mobile devices running Google's Android operating system. Now, federal regulators are investigating whether Google, Apple, and the rest of the players in the mobile industry are doing everything they can to keep their customers safe.

In a joint action, the Federal Communications Commission and the Federal Trade Commission are ordering mobile operating system developers, hardware manufacturers, and carriers to explain their rationale in deciding when to issue updates, or as is so often the case for Android users, why they don't provide updates. Two of the more glaring examples are a vulnerability dubbed Stagefright disclosed last year and another disclosed in March called Metaphor. Both allow attackers to surreptitiously execute malicious code on Android devices when they view a booby-trapped website.

"There have recently been a growing number of vulnerabilities associated with mobile operating systems that threaten the security and integrity of a user’s device and all the personal, sensitive data on it," Jon Wilkins, chief of the FCC's Wireless Telecommunications Bureau, wrote in a letter to carriers. "One of the most significant to date is a vulnerability in the Android component called 'Stagefright.' It may have the ability to affect close to 1 billion Android devices around the world. And there are many other vulnerabilities that could do just as much harm."

(credit: Garrett Ewald)

Technicians from the global payment network SWIFT left Bangladesh's Central Bank vulnerable to an attack that saw attackers steal $81 million, according to Bangladeshi police and bank officials speaking to Reuters.

In February, unknown hackers broke into the Bangladesh Bank and almost got away with just shy of $1 billion. In the event, their fraudulent transactions were cancelled after they managed to transfer $81 million when a typo raised concerns about one of the transactions. That money is still unrecovered. In April, we learned that preliminary investigations had revealed the use of cheap networking and a lack of firewalls, both contributing to the attack.

The new report sheds further light on the incident. The SWIFT organization is owned by 3,000 financial companies and operates a network for sending financial transactions between financial institutions. Technicians from the organization worked at the central bank last year when they were connecting the Bangladesh's real-time gross settlement (RTGS) system to the SWIFT network. Mohammad Shah Alam, leading the probe for the Bangladesh police, told Reuters that the technicians doing this work left "a lot of loopholes" that were not subsequently addressed.

(credit: Marco Paköeningrat Follow)

A US Senate committee on Tuesday demanded that Facebook Chairman Mark Zuckerberg respond to a Monday report in Gizmodo that the social networking site's workers "routinely suppressed news stories of interest to conservative readers from the social network's influential 'trending' news section."

South Dakota Republican Sen. John Thune, chairman of the Senate Committee on Commerce, Science, and Transportation, labeled the allegations in the anonymously sourced Gizmodo piece "serious."

"Facebook must answer these serious allegations and hold those responsible to account if there has been political bias in the dissemination of trending news,” Thune said in a statement. "Any attempt by a neutral and inclusive social media platform to censor or manipulate political discussion is an abuse of trust and inconsistent with the values of an open Internet."

You can check out any time you want, and so can card-data stealing criminals. (credit: Novotel Century Hong Kong Hotel)

Hotel chains focus on hospitality, but their security practices have made them entirely too hospitable a target for data theft. Hotels have been brutalized over the past year by a wave of point-of-sale system breaches that have exposed hundreds of thousands of guests' credit card accounts. And those attacks, as a recent episode described by Panda Security's Luis Corrons demonstrates, have become increasingly targeted—in some cases using "spear-phishing" e-mails and malware crafted specifically for the target to gain access to hotels' networks.

In one incident that was uncovered recently, the target "was a small luxury hotel chain," Corrons told Ars. "We discovered the attack, and it was really customized for the specific hotel. This was 100 percent tailored to the specific target."

The attackers used a Word document from the hotel itself—one frequently used by the hotel to allow customers to authorize credit card charges in advance of a stay. The document was actually enclosed as part of a self-extracting file, which also installed two other files on the target machine—one of them an installer for backdoor malware named "adobeUpd.dll" to disguise it and the other a Windows .cmd batch script that both opens the Word document and launches the backdoor.

(credit: Alan Cleaver)

A suburban San Francisco man was sentenced to 12 years in prison Monday following his conviction of robbing a Craigslist patron at gunpoint.

The 38-year-old defendant, Tuan Ngoc Luong, was nabbed last year during a sting operation when he tried to rob an undercover Alameda County sheriff's deputy, according to court documents (PDF). His sentence was lengthy because, in part, he was found guilty of being a convicted felon in possession of a Glock semi-automatic pistol.

The investigation began last year after a man saw a Craigslist advertisement about a car—a 1996 Acura Integra—and contacted the seller, who turned out to be the defendant. The two met at a local Bay Area subway station. During a late-evening test drive, the victim got out of the car to inspect it and wanted to buy it for $1,100. The defendant, who went by the name Michael, "pointed a black semi-automatic handgun at the victim and demanded money," according to a police affidavit.

Over the course of the spring, I had the chance to talk about science journalism at a number of universities. (Thanks to the folks at Washington University in St. Louis and the University of Illinois in Chicago for inviting me.) It took about 45 minutes for me to discuss the issues involved and provide a number of examples of things gone badly wrong.

On Sunday, John Oliver managed to cover the same ground and more, and he did it with a lot more flair and humor—all in under 20 minutes. If you have the time, it's well worth a watch.

On Monday, all these science journalism problems were driven home yet again. The University of Gothenburg issued a press release suggesting that hunger influences our decision-making processes. This finding shouldn't be a huge surprise; anything that distracts us seems to influence our ability to make decisions. But the release itself is a perfect example of many of the problems Oliver pointed out.