Security

'Do Not Track,' the Privacy Tool Used By Millions of People, Doesn't Do Anything (gizmodo.com) 228

An anonymous reader quotes a report from Gizmodo: When you go into the privacy settings on your browser, there's a little option there to turn on the "Do Not Track" function, which will send an invisible request on your behalf to all the websites you visit telling them not to track you. A reasonable person might think that enabling it will stop a porn site from keeping track of what she watches, or keep Facebook from collecting the addresses of all the places she visits on the internet, or prevent third-party trackers she's never heard of from following her from site to site. According to a recent survey by Forrester Research, a quarter of American adults use "Do Not Track" to protect their privacy. (Our own stats at Gizmodo Media Group show that 9% of visitors have it turned on.) We've got bad news for those millions of privacy-minded people, though: "Do Not Track" is like spray-on sunscreen, a product that makes you feel safe while doing little to actually protect you.

Yahoo and Twitter initially said they would respect it, only to later abandon it. The most popular sites on the internet, from Google and Facebook to Pornhub and xHamster, never honored it in the first place. Facebook says that while it doesn't respect DNT, it does "provide multiple ways for people to control how we use their data for advertising." (That is of course only true so far as it goes, as there's some data about themselves users can't access.) From the department of irony, Google's Chrome browser offers users the ability to turn off tracking, but Google itself doesn't honor the request, a fact Google added to its support page some time in the last year. [...] "It is, in many respects, a failed experiment," said Jonathan Mayer, an assistant computer science professor at Princeton University. "There's a question of whether it's time to declare failure, move on, and withdraw the feature from web browsers." That's a big deal coming from Mayer: He spent four years of his life helping to bring Do Not Track into existence in the first place.
Only a handful of sites actually respect the request -- the most prominent of which are Pinterest and Medium (Pinterest won't use offsite data to target ads to a visitor who's elected not to be tracked, while Medium won't send their data to third parties.)
Security

More Evidence Ties Alleged DNC Hacker Guccifer 2.0 To Russian Intelligence (techcrunch.com) 210

An anonymous reader shares a report: It may be a while since you've heard the handle "Guccifer 2.0," the hacker who took responsibility for the infamous DNC hack of 2016. Reports from the intelligence community at the time, as well as common sense, pegged Guccifer 2.0 not as the Romanian activist he claimed to be, but a Russian operative. Evidence has been scarce, but one slip-up may have given the game away. An anonymous source close to the U.S. government investigation of the hacker told the Daily Beast that on one single occasion, Guccifer 2.0 failed to log into the usual VPN that disguised their traffic. As a result, they left one honest IP trace at an unnamed social media site.

That IP address "identified Guccifer 2.0 as a particular GRU officer working out of the agency's headquarters on Grizodubovoy Street in Moscow," the Daily Beast reported. (The GRU is one of Russia's security and intelligence organs.) Previous work by security researchers had suggested this, but it's the first I've heard of evidence this direct. Assuming it's genuine, it's a sobering reminder of how fragile anonymity is on the internet -- one click and the whole thing comes crashing down.

AT&T

AT&T, Apple, Google To Work On 'Robocall' Crackdown (reuters.com) 113

Last month the FCC had pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls and to make it available to consumers at no charge. It had demanded that the companies concerned come up with a "concrete, actionable" plan within 30 days. Well, the companies have complied. On Friday, 30 major technology companies announced they are joining the U.S. government to crack down on automated, pre-recorded telephone calls that regulators have labeled a "scourge." Reuters adds: AT&T, Alphabet, Apple, Verizon Communications and Comcast are among the members of the "Robocall Strike Force," which will work with the U.S. Federal Communications Commission. The strike force will report to the commission by Oct. 19 on "concrete plans to accelerate the development and adoption of new tools and solutions," said AT&T Chief Executive Officer Randall Stephenson, who is chairing the group. The group hopes to put in place Caller ID verification standards that would help block calls from spoofed phone numbers and to consider a "Do Not Originate" list that would block spoofers from impersonating specific phone numbers from governments, banks or others.
Government

As It Searches For Suspects, The FBI May Be Looking At You (technologyreview.com) 90

schwit1 quotes the MIT Technology Review: The FBI has access to nearly 412 million photos in its facial recognition system—perhaps including the one on your driver's license. But according to a new government watchdog report, the bureau doesn't know how error-prone the system is, or whether it enhances or hinders investigations.

Since 2011, the bureau has quietly been using this system to compare new images, such as those taken from surveillance cameras, against a large set of photos to look for a match. That set of existing images is not limited to the FBI's own database, which includes some 30 million photos. The bureau also has access to face recognition systems used by law enforcement agencies in 16 different states, and it can tap into databases from the Department of State and the Department of Defense. And it is in negotiations with 18 other states to be able to search their databases, too...

Adding to the privacy concerns is another finding in the GAO report: that the FBI has not properly determined how often its system makes errors and has not "taken steps to determine whether face recognition systems used by external partners, such as states and federal agencies, are sufficiently accurate" to support investigations.

Science

Why String Theory Is Not Science (forbes.com) 288

StartsWithABang writes: Earlier this month, a conference was held devoted to the question of whether untestable scientific ideas like string theory and the multiverse are actually science or not. While many opinions were stated and no one changed their mind, the answer is apparent: unless you're willing to change the definition of science to include "this thing that isn't science," then no, string theory is not science. It's a theory in the sense of a mathematical theory — like set theory, group theory or number theory — but it isn't yet a scientific theory. Of course, it could become science, but that would require that it actually do the things a scientific theory does: make testable predictions that can be validated or falsified.
Earth

Last Three Years the Quietest For Tornadoes Ever 187

schwit1 writes The uncertainty of science: 2014 caps the quietest three year period for tornadoes on record, and scientists really don't understand why. "Harold Brooks, a meteorologist with the National Severe Storms Laboratory in Norman, Okla., said there's no consistent reason for the three-year lull — the calmest stretch since a similar quiet period in the late 1980s — because weather patterns have varied significantly from year to year. While 2012 tornado activity was likely suppressed by the warm, dry conditions in the spring, 2013 was on the cool side for much of the prime storm season before cranking up briefly in late May, especially in Oklahoma, SPC meteorologist Greg Carbin said. Then, activity quickly quieted for the summer of 2013."
The Internet

Google's Real Name Policy, Why You Are the Product 374

bs0d3 writes "Google tells their investors: 'Who are our customers? Our customers are over one million advertisers, from small businesses targeting local customers to many of the world's largest global enterprises, who use Google AdWords to reach millions of users around the world.' Site users don't seem to understand. It's not that it's free. It's that you are the product being sold. ThomasMonopoly points out, 'I'm unaware of any company that feels responsible to their product. And if I'm to understand that they're responsible to their customers, the advertisers, I don't want "the world's largest global enterprises" dictating my identity or choosing who in Syria is granted a voice on the world stage.'"
Electronic Frontier Foundation

The EFF Reflects On ICE Seizing a Tor Exit Node 252

An anonymous reader writes "Marcia Hofmann, senior staff attorney at the EFF, gives more information on the first known seizure of equipment in the U.S. due to a warrant executed against a private individual running a Tor exit node. 'This spring, agents from Immigration and Customs Enforcement (ICE) executed a search warrant at the home of Nolan King and seized six computer hard drives in connection with a criminal investigation. The warrant was issued on the basis of an Internet Protocol (IP) address that traced back to an account connected to Mr. King's home, where he was operating a Tor exit relay.' The EFF was able to get Mr King's equipment returned, and Marcia points out that 'While we think it's important to let the public know about this unfortunate event, it doesn't change our belief that running a Tor exit relay is legal.' She also links to the EFF's Tor Legal FAQ. This brings up an interesting dichotomy in my mind, concerning protecting yourself from the Big digital Brother: Running an open Wi-Fi hotspot, or Tor exit node, would make you both more likely to be investigated, and less likely to be convicted, of any cyber crimes."
The Almighty Buck

How Linux Mastered Wall Street 339

itwbennett writes "Linux has become a dominant player in finance thanks to its ability to pass messages very quickly, said Linux kernel contributor Christoph Lameter. 'The trading shops saw that the lowest-latency solutions would only be possible with Linux,' Lameter said. 'The older Unixes couldn't move as fast as Linux did.' One key attribute was the TCP/IP stack, the configuration of which determines how fast a message can be passed between two systems. Linux also offers financial firms the ability to modify the source code to further speed performance. 'It depends on how daring the exchange is,' he said, noting that NASDAQ uses a modified version of the Gentoo Linux distribution. Lameter will discuss how Linux became widely adopted by financial exchanges at the LinuxCon conference in Vancouver this week."
NASA

NASA Opens New Office For Space Missions 104

An anonymous reader writes "NASA has been tasked with landing astronauts on a space rock by 2025, and on the Red Planet by the mid 2030s. To reach those goals, the United States must develop a new heavy-lift rocket capable of traveling that far, and a capsule to bring people safely there and back again. The new Human Exploration and Operations Mission Directorate will be responsible for overseeing all this and more. 'America is opening a bold new chapter in human space exploration,' NASA Administrator Charles Bolden said in a statement. 'By combining the resources of Space Operations and Exploration Systems, and creating the Human Exploration and Operations Mission Directorate, we are recommitting ourselves to American leadership in space for years to come.'"
Social Networks

US Fears Loss of ICQ Honeypot 319

AHuxley writes "US law enforcement bodies view the sale of instant messaging service ICQ to a Russian company as a threat to homeland security. In spring 2010, Russia's largest Internet investment company, Digital Sky Technologies, agreed to purchase the service for $187 million from AOL. The US is sure that most criminals use ICQ and, therefore, constant access to the ICQ servers is needed to track them down. As the system is based in Israel, American security services have had access. The article concludes, 'Lawyers [of unspecified nationality] say that to block the deal the US Committee on Foreign Investment needed to cancel it no later than within 30 days after the deal has been announced — so unless the rules are broken, nothing can be changed.'"
Security

Adobe Download Manager Installing Software Without Consent 98

"Not all is worth cheering about as Adobe turns 20," writes reader adeelarshad82, who excerpts from a story at PC Magazine's Security Watch: "Researcher Aviv Raff has found a problem in ADM (Adobe Download Manager) and the method through which it is delivered from adobe.com. The net effect of the problem is that a user can be tricked into downloading and installing software using ADM without actual consent. Tonight Adobe acknowledged the report and said they were working on the issue with Raff and NOS Microsystems, the company that wrote ADM."

Comment Re:Differential + hard drive - online (Score 1) 611

Mozy sounds good until you consider that the amount of data being backed up could be pushing 750Gb, at least in my situation it is, and that would cost me $375 per month data storage. Even 100Gb @ 0.50c per month is a decent outlay. How many extra hard drives could I buy for that? /rhetorical
