Canonical announced on Friday that Ubuntu forums have been hacked. The company adds that data such as IP address, username, and email address of over two million users have been compromised. BetaNews reports: Keep in mind, this does not mean that the operating system has experienced a vulnerability or weakness. The only thing affected are the online forums that people use to discuss the OS. Still, such a hack is embarrassing as it happened due to Canonical’s failure to install a patch.In a blog post, Jane Silber, Chief Executive Officer, Canonical said, “after some initial investigation, we were able to confirm there had been an exposure of data and shut down the Forums as a precautionary measure. Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched.” Read more of this story at Slashdot.
See the original post:
Ubuntu Linux Forums Hacked — IP Address, Username, Email of 2M Accounts Compromised
An anonymous reader writes: FitnessKeeper, the company behind running app Runkeeper, is in hot water in Europe. The company has received a formal complaint from the Norwegian Consumer Council for breaching European data protection laws. But why? Runkeeper tracks its users’ location at all times — not just when the app is active — and sends that data to advertisers. The NCC, a consumer rights watchdog, is conducting an investigation into 20 apps’ terms and conditions to see if the apps do what their permissions say they do and to monitor data flows. Tinder has already been reported to the Norwegian data protection authority for similar breaches of privacy laws. The NCC’s investigation into Runkeeper discovered that user location data is tracked around the clock and gets transmitted to a third party advertiser in the U.S. called Kiip.me.Finn Myrstad, the council’s digital policy director, said: We checked the apps technically, to see the data flows and to see if the apps actually do what they say they do. Everyone understands that Runkeeper tracks users while they exercise, but to continue after the training has ended is not okay. Not only is it a breach of privacy laws, we are also convinced that users do not want to be tracked in this way, or for information to be shared with third party advertisers. Read more of this story at Slashdot. 
On Friday, WordPress announced that it is bringing free HTTPS to all — “million-plus” — custom domains, essentially ramping up security on every blog and website. The publishing platform says it partnered with Let’s Encrypt project to implement HTTPS across such a voluminous number of sites. From the blog: For you, the users, that means you’ll see secure encryption automatically deployed on every new site within minutes. We are closing the door to un-encrypted web traffic (HTTP) at every opportunity. Read more of this story at Slashdot. 
HughPickens.com writes Drivers across America are rejoicing at falling gasoline prices as pumps across the country dip below $3 a gallon. According to Sharon E. Burke while it’s nice to get the break at the gas pump and the economic benefits of an energy boom at home, the national security price of oil remains high and the United States should be doing everything it can to diversify global energy suppliers. Ultimately, the only way to solve our long term energy problem is to make a sustained, long-term investment in the alternatives to petroleum. But October saw a 52 percent jump in Jeep SUV sales and a 36 percent rise in Ram trucks while some hybrid and electric vehicle sales fell at the same time. “This is like putting a Big Mac in front of people who need to diet or watch their cholesterol, ” says Anthony Perl. “Some people might have the willpower to stick with their program, and some people will wait until their first heart attack before committing to a diet—but if we do that at a planetary scale it will be pretty traumatic.” Nicholas St. Fleur writes at The Atlantic that low oil prices may also undermine the message from the UN’s climate panel. The price drop comes after the UN declared earlier this week that fossil fuel emissions must drop to zero by the end of the century in order to keep global temperatures in check. “I don’t think people will see the urgency of dealing with fossil fuels today, ” says Perl. Falling oil prices may also deter businesses from switching to energy-saving technology, as a 2006 study in the Energy Journal suggested. Saving several pennies at the pump, Perl says, may tempt Americans away from actions that can lead to a sustainable, post-carbon future. Read more of this story at Slashdot. 
schwit1 (797399) writes “A Minnesota school district has agreed to pay $70, 000 to settle a lawsuit that claimed school officials violated a student’s constitutional rights by viewing her Facebook and email accounts without permission. The lawsuit, filed in 2012 by the American Civil Liberties Union of Minnesota, alleged that Riley Stratton, now 15, was given detention after posting disparaging comments about a teacher’s aide on her Facebook page, even though she was at home and not using school computers. After a parent complained about the Facebook chat, the school called her in and demanded her password. With a sheriff deputy looking on, she complied, and they browsed her Facebook page in front of her, according to the report. ‘It was believed the parent had given permission to look at her cellphone, ‘ Minnewaska Superintendent Greg Schmidt said Tuesday. But Schmidt said the district did not have a signed consent from the parent. That is now a policy requirement, he said.'” Asks schwit1, “How is this not a violation of the CFAA?” It sounds like the school was violating Facebook’s Terms of Service, too. Read more of this story at Slashdot.