By Susanna Lichter

New Cyberweapon Duqu Possibly Spawned from Stuxnet Worm

Computer security analysts warn that Stuxnet, the sophisticated worm that wreaked havoc on Iran’s nuclear program, could be a precursor to more cyber attacks on industrial control systems, according to The Washington Post. There is definite evidence that Duqu, a dangerous new weapon that appears to borrow some of the Stuxnet original source code, was used in an attack last month. The New York Times reports that authorities are divided as to whether Duqu was created by reverse-engineering Stuxnet or if it was wholly made from scratch; however, the Hungarian lab that discovered Duqu says the two cyberweapons are “nearly identical.” The news raises fears that attackers could use these cyber devices to hack into the world’s infrastructure and manipulate water treatment facilities, power plants, and other critical systems.

FBI Announces Timline for Implementing Controversial Facial Recognition Tools

Next.gov reports the Federal Bureau of Investigation will begin implementing the use of facial recognition services as early as January, according to bureau officials. The new tools are designed to find matches from among the 10 million mug shots housed in the FBI database when uploaded with a picture of a suspected criminal. The Electronic Frontier Foundation has expressed concern that the new features will create false positives and infringe on people’s privacy rights.

Hacker Collective Anonymous Warns of Forthcoming Attack on Fox News

CNET reports that Hacker activist group Anonymous released a video unveiling plans to infiltrate the Fox News website early next month. The collective, which has aligned itself with the Occupy Wall Street movement, says the attack is a retaliation of Fox News’ biased coverage of the OWS protests. In another video issued last week, Anonymous demanded the release of one of its members who was kidnapped by the Mexican drug cartel Los Zetas while attending a protest in Veracruz, Mexico. The Houston Chronicle reports that Anonymous has threatened to publish the identities and addresses of Los Zetas’ associates if its demands are not met by November 5^th. Anonymous also made headlines multiple times last week, taking responsibility for operations targeted at police websites and child pornography servers. The collective hacked into a Boston law enforcement site’s server, altering the website’s homepage and leaking police names and passwords. They also took 40 child pornography sites offline.

District Court Strikes Poster and Sticker Requirements from San Francisco Cell Phone Health Risk Ordinance
By Heejin Choi – Edited by Charlie Stiernberg

CTIA – The Wireless Ass’n v. City and Cnty. of S.F., Cal., No. C 10-03224 WHA (N.D. Cal. Oct. 27, 2011)
Slip Opinion hosted by Justia.com

The District Court for the Northern District of California, ruling on a motion for preliminary injunction against San Francisco’s “Cell Phone Disclosure Requirements” ordinance, temporarily stayed the measure until necessary revisions were made.

The ordinance requires cell phone retailers to inform customers of the possible harmful effects of cell phone radiation by displaying informational posters on its walls, placing stickers on other displays, and providing a fact-sheet to customers, regardless of whether they purchased a cell phone or not.

Judge William Alsup concluded that changes must be made to the fact-sheet to comply with the First Amendment. He further held that the posters and stickers were unconstitutional, even with the changes.

TechCrunch provides an overview of the case. Ars Technica mentions a recently conducted study showing no link between cancer and cell phone usage.  (more…)

Stop Online Piracy Act Seeks to Block Piracy Websites
By Amy Rossignol – Edited by Charlie Stiernberg

H.R. 3261 – Stop Online Piracy Act
Bill

The proposed Stop Online Piracy Act, introduced by House Judiciary Committee Chairman Lamar Smith (R-TX), would vest in the U.S. Attorney General the power to regulate and prevent access to foreign websites infringing on U.S. Intellectual Property (“IP”) rights. The U.S. Attorney General, with court approval, would be able to issue orders to block access to and commercial transactions with the suspected websites.

The bill would grant immunity from liability to Internet service providers, payment network providers, advertising services, or domain name registries that choose to voluntarily block or end affiliation with a website suspected of being “dedicated to theft of U.S. property.” The bill also seeks to ban any tools designed to circumvent or bypass such measures.

Ars Technica provides an overview of the bill. Wired compares the bill to the Senate’s Protect IP Act. The Los Angeles Times discusses more of the political motivation behind the bill. (more…)

By Marsha Sukach

FCC and CTIA Announce Plan to Reduce “Bill Shock”

The FCC, the wireless communications association CTIA, and Consumers Union have announced a plan to help customers avoid “bill shock,” or the discovery of unexpected charges that consumers must pay when they exceed their monthly voice, data, and text limits. The FCC identified bill shock as a major problem, CNET reports, with many complaints from consumers who were surprised to find additional charges on their bill. A year ago, the FCC proposed adopting a regulation forcing wireless providers to send alerts to consumers, but this regulation was heavily opposed in the industry. Instead, under the current deal, wireless providers covering 97 percent of users have agreed to provide consumers with alerts voluntarily, according to the Washington Post. The new alerts will begin within 18 months, and will include wireless phone and tablet services, CNET explains.

Verisign Wants Authority to Shut Down Websites Without a Court Order

Verisign, the company that manages .com and .net registrations, wants the power to shut down websites on the request of law enforcement, TIME reports. Verisign filed a request with ICANN, the nonprofit that oversees the Internet’s domain name system, to “allow the denial, cancellation or transfer” of domain name registrations to comply with “laws, government rules or requirements, requests of law enforcement or other governmental quasi-governmental agency, or any dispute resolution process.” The policy is aimed largely at taking down sites that harbor malware, launch phishing attacks, or are otherwise used to launch attacks across the Internet, reports Ars Technica. However, the language does not indicate that the proposed policy will be limited to such cases, and some experts worry that this authority would create an opportunity for abuse by law enforcement.

Amazon’s Kindle Fire Raises Privacy Concerns

Amazon’s coming tablet, the Kindle Fire, is raising privacy concerns with its new Silk browser, ZDNet reports. While Silk may provide faster browsing, funneling all user activity through Amazon’s own servers, it can also track everything that a user does on the web, and create a permanent record of those activities. In Congress, there has been unease on both sides of the aisle, as well as a demand for answers, according to Ars Technica. Rep. Ed Markey (D-MA), co-Chair of the Congressional Bi-Partisan Privacy Caucus, wrote a letter to Amazon CEO Jeff Bezos inquiring about the nature of the information that Amazon plans to collect, how it plans to use the information, and the level of control that customers will have over their data. When Amazon first introduced the Fire, writes the New York Times, it drew a distinction between activity on its own site, which is individually tracked with the user’s permission, and activity on the rest of the internet, which would be aggregated but not linked to users’ identities. Concerns remain, but EFF concludes that it is generally satisfied with Silk’s privacy design, saying that users can easily turn off cloud acceleration mode, and that the safeguards create sufficient protection.

Federal Circuit Jettisons the Presumption of Irreparable Harm in Injunctive Relief
By Charlie Stiernberg – Edited by Abby Lauer

Robert Bosch LLC v. Pylon Mfg. Corp., No. 2011-1096 (Fed. Cir. Oct. 13, 2011)
Slip Opinion

The Federal Circuit reversed the United States District Court for the District of Delaware, which had denied plaintiff Bosch’s post-trial motion for a permanent injunction, and remanded the case with instructions to enter appropriate injunctive relief.

Judge O’Malley, writing for a divided panel, held that the district court had abused its discretion in denying Bosch’s request for a permanent injunction of Pylon’s infringing windshield wiper blade products. Previous cases had not clarified whether the presumption of irreparable harm in the context of injunctive relief remained intact following the Supreme Court’s decision in eBay Inc. v. MercExchange, L.L.C., 547 U.S. 388 (2006). In Bosch, the Federal Circuit “put the question to rest” and confirmed that eBay “jettisoned” the presumption of irreparable harm in determining the appropriateness of a permanent injunction. Slip op. at 10. The court then held that the district court had erred in its analysis of the irreparable harm factor by relying exclusively on the presence of additional competitors in the market and on the “non-core” nature of Bosch’s wiper blade business. Id. at 13.

IPBiz provides a summary of the case. PatentlyO examines the decision and applauds the Federal Circuit’s recognition of patents as property rights when performing an injunction analysis. Patent Prospector criticizes the court for putting the injunction in place without remanding to the district court.

(more…)