Alex Hern, writing for The Guardian: Eugene Kaspersky, chief executive and co-founder of the embattled Russian cybersecurity firm that bears his name, believes his company is at the centre of a "designed and orchestrated attack" to destroy its reputation. Over a short period in the summer of 2017, Kaspersky Labs was the subject of multiple media reports alleging that the company had helped Russian intelligence agencies spy on the US, a number of FBI raids on staff members, and a nationwide ban on the use of its software by federal government agencies. "This media attack and government attack from the United States, it was designed and orchestrated," Mr Kaspersky said at a press conference in London. "Because at the same time, there was government, there was FBI, there was media attack. That is expensive ... I mean all kinds of resources: political influence, money, lobbyists, the media etc." When asked directly whether he had ever been asked to help Russian intelligence agencies spy on the US, Kaspersky vehemently denied any such conversations had ever happened saying: "They have never asked us to spy on people. Never." "If the Russian government comes to me and asks me to do anything wrong, I will move the business out of Russia," he added. "We never helped the espionage agencies, the Russians or any other nation."

New submitter unarmed8 shares a report from CyberScoop: Three Democratic senators introduced legislation on Thursday requiring companies to notify customers of data breaches within thirty days of their discovery and imposing a five year prison sentence on organizations caught concealing data breaches. The new bill, called the Data Security and Breach Notification Act, was introduced in the wake of reports that Uber paid $100,000 to cover up a 2016 data breach that affected 57 million users. The scope of what kind of data breach falls under this is limited. For instance, if only a last name, address or phone number is breached, the law would not apply. If an organization "reasonably concludes that there is no reasonable risk of identity theft, fraud, or other unlawful conduct," the incident is considered exempt from the legislation.

"We need a strong federal law in place to hold companies truly accountable for failing to safeguard data or inform consumers when that information has been stolen by hackers," Sen. Bill Nelson, D-Fla., said in a statement. "Congress can either take action now to pass this long overdue bill or continue to kowtow to special interests who stand in the way of this commonsense proposal. When it comes to doing what's best for consumers, the choice is clear."

Republican FCC Chairman Ajit Pai is doubling down on his critique of tech companies, asking whether social media is "a net benefit to American society" in remarks at the Media Institute on Wednesday. "Now, I will tell you upfront that I don't have an answer." From a report: What he said: Pai made the case that social media has been key to the politicization of many aspects of American life. "Everything nowadays is political. Everything. ... This view that politics-is-all is often made worse by social media," he said, per his prepared remarks.

The White House is considering banning its employees from using personal mobile phones while at work. While President Trump has been vocal about press leaks since taking office, one official said the potential change is driven by cybersecurity concerns. Bloomberg reports: One official said that there are too many devices connected to the campus wireless network and that personal phones aren't as secure as those issued by the federal government. White House Chief of Staff John Kelly -- whose personal phone was found to be compromised by hackers earlier this year -- is leading the push for a ban, another official said. The White House already takes precautions with personal wireless devices, including by requiring officials to leave phones in cubbies outside of meeting rooms where sensitive or classified information is discussed. Top officials haven't yet decided whether or when to impose the ban, and if it would apply to all staff in the executive office of the president. While some lower-level officials support a ban, others worry it could result in a series of disruptive unintended consequences.

An anonymous reader quotes a report from Ars Technica: For years, Comcast has been promising that it won't violate the principles of net neutrality, regardless of whether the government imposes any net neutrality rules. That meant that Comcast wouldn't block or throttle lawful Internet traffic and that it wouldn't create fast lanes in order to collect tolls from Web companies that want priority access over the Comcast network. This was one of the ways in which Comcast argued that the Federal Communications Commission should not reclassify broadband providers as common carriers, a designation that forces ISPs to treat customers fairly in other ways. The Title II common carrier classification that makes net neutrality rules enforceable isn't necessary because ISPs won't violate net neutrality principles anyway, Comcast and other ISPs have claimed.

But with Republican Ajit Pai now in charge at the Federal Communications Commission, Comcast's stance has changed. While the company still says it won't block or throttle Internet content, it has dropped its promise about not instituting paid prioritization. Instead, Comcast now vaguely says that it won't "discriminate against lawful content" or impose "anti-competitive paid prioritization." The change in wording suggests that Comcast may offer paid fast lanes to websites or other online services, such as video streaming providers, after Pai's FCC eliminates the net neutrality rules next month.

Dictionary.com has selected "complicit" as its word of the year for 2017, citing the term's renewed relevance in U.S. culture and politics -- and noting that a refusal to be complicit has also been "a grounding force of 2017." From a report: The website defines "complicit" as "choosing to be involved in an illegal or questionable act, especially with others; having complicity." Interest in the word spiked several times this year, Dictionary.com says -- most notably when Ivanka Trump said in April, "I don't know what it means to be complicit."

An anonymous reader shares a report: Google does not change its search algorithm to re-rank individual websites, it said in a letter to Russia's communications watchdog, after Moscow expressed concerns the search engine might discriminate against Russian media. The Roskomnadzor watchdog said earlier this month it would seek clarification from Google over whether it intentionally placed articles from Russian news websites Sputnik and Russia Today lower in search results. Responding to a question about Sputnik articles at a conference earlier in November, Alphabet Executive Chairman Eric Schmidt said Google was working to give less prominence to "those kinds of websites" as opposed to delisting them.

Long-time Slashdot reader speedplane writes: Yes, we've all heard that net neutrality is on its way out, and it seems NPR was able to snag one of the few (the only?) interview's of Ajit Pai on its effect. Sadly, NPR's Rachel Martin stuck to very broad and basic questions, and failed to press Pai on the change of policy. That said, it's worth a listen.
Pai insists that "We saw companies like Facebook, and Amazon and Google become global powerhouses precisely because we had light-touch rules that applied to this Internet. The Internet wasn't broken in 2015 when these heavy-handed regulations were adopted, and once we remove them, I think we'll continue to see the infrastructure investment that will benefit digital consumers and entrepreneurs alike... I've talked to a lot of companies that say, look, we want to be able to invest in these networks, especially in rural and low-income urban areas, but the more heavy-handed the regulations are, the less likely we can build a business case for doing it."

But New York's Attorney General Eric Schneiderman says he's spent six months investigating "a massive scheme to corrupt the FCC's notice and comment process" for net neutrality, adding that "the FCC has refused multiple requests for crucial evidence." (Nine requests over five months were ignored.) And now over 65,000 people have signed a new online petition at WhiteHouse.gov calling for the immediate removal of Ajit Pai as the FCC's chairman, calling him "a threat to our freedoms."

Meanwhile, The Verge has compiled "a list of the lawmakers who voted to betray you," with each listing also including "how much money they received from the telecom industry in their most recent election cycle."

An anonymous reader quotes Reuters: A bipartisan Harvard University project aimed at protecting elections from hacking and propaganda will release its first set of recommendations today on how U.S. elections can be defended from hacking attacks. The 27-page guidebook calls for campaign leaders to emphasize security from the start and insist on practices such as two-factor authentication for access to email and documents and fully encrypted messaging via services including Signal and Wickr. The guidelines are intended to reduce risks in low-budget local races as well as the high-stakes Congressional midterm contests next year.

Though most of the suggestions cost little or nothing to implement and will strike security professionals as common sense, notorious attacks including the leak of the emails of Hillary Clinton's campaign chair, John Podesta, have succeeded because basic security practices were not followed... "We heard from campaigns that there is nothing like this that exists," said Debora Plunkett, a 31-year veteran of the National Security Agency who joined the Belfer Center this year. "We had security experts who understood security and election experts who understood campaigns, and both sides were eager to learn how the other part worked."
The group includes "top security experts" from both Google and Facebook.

An anonymous reader quotes a report from Bloomberg: Facebook will show people which Russian propaganda pages or accounts they've followed and liked on the social network, responding to a request from Congress to address manipulation and meddling during the 2016 presidential election. The tool will appear by the end of the year in Facebook's online support center, the company said in a blog post Wednesday. It will answer the user question, "How can I see if I've liked or followed a Facebook page or Instagram account created by the Internet Research Agency?" That's the Russian firm that created thousands of incendiary posts from fake accounts posing as U.S. citizens. People will see a list of the accounts they followed, if any, from January 2015 through August 2017. Facebook will only be showing people the names of the pages and accounts, not the content. A user will only see what they liked or followed, so if they simply saw IRA content in their news feeds, they won't be notified.

wyattstorch516 writes: The Trump administration is tightening the scrutiny on the H-1B visa program (Warning: paywalled; alternative source). Changes would undo actions by the Obama administration. There are two big regulatory changes looming that would undo actions by the Obama administration. "The first change allowed spouses of H-1B workers the right to work. That regulation is being challenged in court and the Trump administration is expected to eliminate the provision rather than defend it," reports WSJ. "The second change affects the Optional Practical Training program, which allows foreign graduates from U.S. colleges in science and technology an extra two years of work authorization, giving them time to win an H-1B visa. The Trump administration could kill that benefit or reduce the two-year window, according to people familiar with the discussions." The Journal highlights a "series of more modest changes that have added scrutiny to visa processing":

- "USCIS directed last month that adjudicators no longer pay 'deference' to past determinations for renewal applications. This means an applicant's past approval won't carry any weight if he or she applies for a renewal.

- The agency is conducting more applicant interviews, which critics say slows the system. The agency spokesman says this process will ramp up over several years and is needed to detect fraud and make accurate decisions.

- In the spring, the agency suspended premium processing, which allowed for fast-track consideration to those who paid an extra fee. This option wasn't resumed until October, meaning many workers who qualified for a coveted H-1B visa had to wait months for a decision.

- State Department officials have been told to consider that Mr. Trump's 'Buy American, Hire American' executive order directs visa programs must 'protect the interests of United States workers.' And the Foreign Affairs Manual now instructs officers to scrutinize applications of students to ensure they plan to return to their home countries. A State Department official said the official rules haven't changed but said a 'comprehensive' review is under way."

Camel Pilot writes: The new GOP tax plan -- which just passed the House -- will tax tuition waivers as income. Graduate students working as research assistants on meager stipends would have to declare tuition waivers as income on the order of $80,000 income. This will force many graduate students of modest means to quit their career paths and walk away from their research. These are the next generation of scientists, engineers, inventors, educators, medical miracle workers and market makers. As Prof Claus Wilke points out: "This would be a disaster for U.S. STEM Ph.D. education." Slashdot reader Camel Pilot references a report via The New York Times, where Erin Rousseau explains how the House of Representatives' recently passed tax bill affects graduate research in the United States. Rousseau is a graduate student at M.I.T. who studies the neurological basis of mental health disorders. "My peers and I work between 40 and 80 hours a week as classroom teachers and laboratory researchers, and in return, our universities provide us with a tuition waiver for school. For M.I.T. students, this waiver keeps us from having to pay a tuition bill of about $50,000 every year -- a staggering amount, but one that is similar to the fees at many other colleges and universities," he writes. "No money from the tuition waivers actually ends up in our pockets, so under Section 117(d)(5), it isn't counted as taxable income." Rousseau continues by saying his tuition waivers will be taxed under the House's tax bill. "This means that M.I.T. graduate students would be responsible for paying taxes on an $80,000 annual salary, when we actually earn $33,000 a year. That's an increase of our tax burden by at least $10,000 annually."

An anonymous reader shares a report: Billionaire venture capitalist and Facebook board member Peter Thiel is no longer affiliated with startup accelerator Y Combinator, according to an edited company blog post. Thiel was formerly a part-time partner with the accelerator. BuzzFeed News confirmed his departure with a source familiar with Y Combinator's management structure. Thiel's departure from Y Combinator was not previously announced. It comes long after Y Combinator president Sam Altman defended Thiel's role at the accelerator, following criticism of Thiel's support of then-presidential candidate Donald Trump. A source close to Y Combinator said that the company ended its part-time partners program, which Thiel was a part of, some time last year. While some other part-time partners moved over to a program called "experts," which provides advice to Y Combinator entrepreneurs, Thiel did not join.

sqorbit writes: Independent watchdog group Freedom House released a report that claims that 18 nation's elections were "hacked." Of the 65 countries that Freedom House monitors, 30 appear to be using social media in order to affect elections by attempting to control online discussions. The report covers fake news posts, paid online opinion writers and trolling tactics. Other items in the report speak to online censorship and VPN blocking that blocks information within countries to interfere with elections. The report says net freedom could be aided by: large-scale programs that showed people how to spot fake news; putting tight controls on political adverts; and making social media giants do more to remove bots and tune algorithms to be more objective.

An anonymous reader shares an Associated Press report: Leading researchers castigated a federal plan that would use artificial intelligence methods to scrutinize immigrants and visa applicants, saying it is unworkable as written and likely to be "inaccurate and biased" if deployed. The experts, a group of more than 50 computer and data scientists, mathematicians and other specialists in automated decision-making, urged the Department of Homeland Security to abandon the project, dubbed the "Extreme Vetting Initiative." That plan has its roots in President Donald Trump's repeated pledge during the 2016 campaign to subject immigrants seeking admission to the United States to more intense ideological scrutiny -- or, as he put it, "extreme vetting." Over the summer, DHS published a "statement of objectives" for a system that would use computer algorithms to scan social media and other material in order to automatically flag undesirable entrants -- and to continuously scan the activities of those allowed into the U.S.

An anonymous reader quotes a report from Bloomberg: The U.S. Federal Communications Commission under its Republican chairman plans to vote in December to kill the net neutrality rules passed during the Obama era, said two people briefed on the plans. Chairman Ajit Pai in April proposed gutting the rules that he blamed for depressing investment in broadband, and said he intended to "finish the job" this year. The chairman has decided to put his proposal to a vote at the FCC next month, said the people. The agency's monthly meeting is to be held Dec. 14. The people asked not to be identified because the plan hasn't been made public. It's not clear what language Pai will offer to replace the rules that passed with only Democratic votes at the FCC in 2015. He has proposed that the FCC end the designation of broadband companies such as AT&T Inc. and Comcast Corp. as common carriers. That would remove the legal authority that underpins the net neutrality rules. One of the people said Pai may call for vacating the rules except for portions that mandate internet service providers inform customers about their practices. The current regulations forbid broadband providers from blocking or slowing web traffic, or from charging higher fees in return for quicker passage over their networks.

An anonymous reader quotes a report from Ars Technica: The Republican attorney general of Missouri has launched an investigation into Google's business practices. Josh Hawley wants to know how Google handles user data. And he plans to look into whether Google is using its dominance in the search business to harm companies in other markets where Google competes. It's another sign of growing pressure Google is facing from the political right. Grassroots conservatives increasingly see Google as falling on the wrong side of the culture wars. So far that hasn't had a big impact in Washington policymaking. But with Hawley planning to run for the U.S. Senate next year, we could see more Republican hostility toward Google -- and perhaps other big technology companies -- in the coming years. The Hawley investigation will dig into whether Google violated Missouri's consumer-protection and antitrust laws. Specifically, Hawley will investigate: "Google's collection, use, and disclosure of information about Google users and their online activities," "Google's alleged misappropriation of online content from the websites of its competitors," and "Google's alleged manipulation of search results to preference websites owned by Google and to demote websites that compete with Google." States like Missouri have their own antitrust laws and the power to investigate company business conduct independently of the feds. So Hawley seems to be taking yet another look at those same issues to see if Google's conduct runs afoul of Missouri law.

We don't know if Hawley will get the Republican nomination or win his challenge to Sen. Claire McCaskill (D-Mo.) next year, but people like him will surely be elected to the Senate in the coming decade. Hawley's decision to go after Google suggests that he sees some upside in being seen as an antagonist to a company that conservatives increasingly view with suspicion. More than that, it suggests that Hawley believes it's worth the risk of alienating the GOP's pro-business wing, which takes a dim view of strict antitrust enforcement even if it targets a company with close ties to Democrats.

Dustin Volz, reporting for Reuters: About 15 percent of U.S. federal agencies have reported some trace of Moscow-based Kaspersky Lab software on their systems, a Department of Homeland Security (DHS) official told Congress on Tuesday. Jeanette Manfra, assistant secretary for cyber security at DHS, told a U.S. House of Representatives panel that 94 percent of agencies had responded to a directive ordering them to survey their networks to identify any use of Kaspersky Lab products and to remove them. But Manfra said DHS did "not currently have conclusive evidence" that any networks had been breached due to their use of Kaspersky Lab software. The administration of President Donald Trump ordered civilian U.S. agencies in September to remove Kaspersky Lab from their networks, amid worries the antivirus firm was vulnerable to Kremlin influence and that using its anti-virus software could jeopardize national security.

Geoffrey.landis writes: The Atlantic profiles a computer scientist: Barbara Simons, who has been on the forefront of the pushback against electronic voting as a technology susceptible to fraud and hacking. When she first started writing articles about the dangers of electronic voting with no paper trail, the idea that software could be manipulated to rig elections was considered a fringe preoccupation; but Russia's efforts to influence the 2016 presidential election have reversed Simons's fortunes. According to the Department of Homeland Security, those efforts included attempts to meddle with the electoral process in 21 states; while a series of highly publicized hacks -- at Sony, Equifax, the U.S. Office of Personnel Management -- has driven home the reality that very few computerized systems are truly secure. Simons is a former President of the Association for Computing Machinery (ACM); and the group she helps run, Verified Voting, has been active in educating the public about the dangers of unverified voting since 2003.

Paul Mozur, reporting for the New York Times: China does not allow its people to gain access to Facebook, a powerful tool for disseminating information and influencing opinion. As if to demonstrate the platform's effectiveness, outside its borders China uses it to spread state-produced propaganda around the world, including the United States (Editor's note: the link could be paywalled; alternative source). So much do China's government and companies value Facebook that the country is Facebook's biggest advertising market in Asia, even as it is the only major country in the region that blocks the social network. A look at the Facebook pages of China Central Television, the leading state-owned broadcast network better known as CCTV, and Xinhua, China's official news agency, reveals hundreds of English-language posts intended for an English-speaking audience. Each quarter China's government, through its state media agencies, spends hundreds of thousands of dollars to buy Facebook ads, according to a person with knowledge of those deals, who was unauthorized to talk publicly about the company's revenue streams. China's propaganda efforts are in the spotlight with President Trump visiting the country and American lawmakers investigating foreign powers's use of technology to sway voters in the United States.