Government

FCC Proposes New Restrictions On How Broadband Providers Share Data 23

An anonymous reader quotes a report from The Verge: In a 3-2 vote, the FCC agreed to propose new privacy rules for broadband providers like Comcast and Verizon, as part of the FCC's new powers under Section 222 of Title II. The proposal will now enter a comment period, in which providers and other stakeholders will weigh in, before the commission can vote on whether to approve it. Under the proposed rules, providers would have implicit permission to collect any data necessary for providing internet service, typically including name, IP address and other basic subscriber information. Unless the customer opts out, providers would also be able to collect and share data specifically for the purpose of marketing other communications services. Any other use of the data, like sharing it with third-party marketing programs, would require explicit consent from the customer. The rules would also institute new transparency and data security requirements.
AT&T

Zero-Rating Harms Poor People, Public Interest Groups Tell FCC (vice.com) 205

An anonymous reader links to an article on Motherboard: The nation's largest internet service providers are undermining US open internet rules, threatening free speech, and disproportionately harming poor people by using a controversial industry practice called "zero-rating," a coalition of public interest groups wrote in a letter to federal regulators on Monday. Companies like Comcast, Verizon and AT&T use zero-rating, which refers to a variety of practices that exempt certain services from monthly data caps, to undercut "the spirit and the text" of federal rules designed to protect net neutrality, the principle that all content on the internet should be equally accessible, the groups wrote. Zero-rated plans "distort competition, thwart innovation, threaten free speech, and restrict consumer choice -- all harms the rules were meant to prevent," the groups wrote. "These harms tend to fall disproportionately on low-income communities and communities of color, who tend to rely on mobile networks as their primary or exclusive means of access to the internet."
Databases

1.5 Million Verizon Customer Records Put Up For Sale (arstechnica.com) 26

An anonymous reader writes: A customer database as well as information about Verizon security flaws were reportedly put up for sale by criminals this week after a data breach at Verizon Enterprise Solutions. According to KrebsOnSecurity, "a prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise." The entire database was priced at $100,000, or $10,000 for each set of 100,000 customer records. "Buyers also were offered the option to purchase information about security vulnerabilities in Verizon's Web site," security journalist Brian Krebs reported. Verizon has apparently fixed the security flaws and has reassured its customers by saying "our investigation to date found an attacker obtained basic contact information on a number of our enterprise customers" and that "no customer proprietary network information (CPNI) or other data was accessed or accessible."
AT&T

Netflix Admits To Capping Video Streams On Wireless Networks (variety.com) 69

An anonymous reader cites a story on Variety: Company says it plans to launch feature to give users control over mobile-video usage in May. Netflix has enforced a maximum limit on the quality of video streamed over AT&T and Verizon wireless networks for years, the company acknowledged Thursday. But Netflix also said it's working on a way to give users control over how much bandwidth they wish to use to access the service. The No. 1 subscription-streaming service said its default bit rate for viewing over mobile networks has been capped at 600 kilobits per second. That's 'in an effort to protect our members from overage charges when they exceed mobile-data caps,' according to a Netflix spokeswoman.
HP

Microsoft and HP Enterprise Invest $73.5 Million In Mesosphere Startup (thestack.com) 27

An anonymous reader quotes a report from The Stack: Mesosphere, creator of the world's first data center operating system, has confirmed significant strategic investment from Microsoft and Hewlett Packard Enterprise. Mesosphere, built on the open-source Apache Mesos project, closed $73.5 million in a Series C funding round. With HPE and Microsoft leading the round, the startups total funding to date tallies at almost $126 million. The operating system is currently used at mega-scale by customers including Verizon, Netflix and Twitter. It also underpins Microsoft's Azure Container solutions.
Android

Major US Carriers Open Free Calls And Texts To Brussels (androidheadlines.com) 58

An anonymous reader quotes from a report on AndroidHeadlines: Following the attacks at Brussels International Airport and the Maelbeek Subway Station in Brussels, Belgium earlier this morning, all four major U.S. carriers have announced that they will be offering their customers the opportunity to make free calls to Brussels, as a means of letting customers keep in contact with friends and loved ones who live or are traveling within the city, a gesture which both Verizon and Sprint offered to customers last year following the attacks in Paris, France. As the city of Brussels begins and continues to mourn in the wake of the attacks, Sprint, T-Mobile, ATT, and Verizon Wireless will all offer free calls and texts to Brussels from the U.S., beginning today and lasting throughout the next few days to a week.
Security

Hackers Modify Water Treatment Parameters By Accident (softpedia.com) 139

An anonymous reader writes: Verizon's RISK security team has revealed details on a data breach they investigated where some hackers (previously tied to hacktivism campaigns) breached a payments application from an unnamed water treatment and supply company [PDF, page 38], and also escalated their access to reach SCADA equipment responsible for the water treatment process. The hackers modified water treatment chemical levels four different times. The cause of this intrusion seems to be bad network design, since all equipment was interconnected with each other in a star network design, and the payments app contained an INI file with the administrative password for the central router, from where the hackers reached the water treatment SCADA equipment. Of course, the hackers had no clue what they were modifying. Nobody got poisoned or sick in the end.
Google

Tavis Ormandy Criticizes Meaningless Antivirus Excellence Awards (softpedia.com) 72

An anonymous reader writes: A Google security expert (Tavis Ormandy) has become annoyed with antivirus products receiving awards a week after he finds huge security holes in their software. He's talking about Comodo who received an "excellence" award from Verizon, after the researcher discovered 4 security issues in the past four months, and is in the process of submitting a fifth. His criticism of Comodo and Verizon's silly awards is also validated by the fact that during the past year, he discovered security flaws in numerous antivirus and security software such as Avast, Malwarebytes, Trend Micro, AVG, FireEye, Kaspersky, and ESET.
Security

FTC Demands Info From PCI Auditors On Breached Companies' Compliance 101

Trailrunner7 writes: The Federal Trade Commission has sent an order to nine of the larger companies that do PCI DSS assessments, demanding that the organizations turn over detailed information on how they conduct those audits, how often they actually declare a company non-compliant, and many other details. The FTC on Monday said it has sent orders to nine of these companies, including Mandiant, PricewaterhouseCoopers, and Verizon Enterprise Solutions, requiring that they provide details of how they handle those assessments. Specifically, the FTC is very interested in how many companies were deemed PCI compliant in the year before they suffered a data breach. Many companies that have been victims of data breaches over the years have touted the fact that they were PCI compliant at the time of their breaches. This has not escaped the FTC's notice
Verizon

Verizon To Pay $1.35 Million Fine To Settle US Privacy Probe (reuters.com) 51

chasm22 writes: Verizon Communications Inc agreed to pay a $1.35 million fine after the Federal Communications Commission said on Monday it found the company's wireless unit violated the privacy of its users. Verizon Wireless agreed to get consumer consent before sending data about "supercookies" from its more than 100 million users, under a settlement. The largest U.S. mobile company inserted unique tracking codes in its users traffic for advertising purposes. Supercookies are unique, non-removable identifiers inserted into web traffic to identify customers in order to deliver targeted ads from Verizon and others. The FCC said Verizon Wireless failed to disclose the practice from late 2012 until 2014, violating a 2010 FCC regulation on internet transparency. The FCC also said the supercookies overrode consumers privacy practices they had set on web browsers, which led some advocates to call it a "zombie cookie." Under the agreement, consumers must opt in to allow their information to be shared outside Verizon Wireless, and have the right to "opt out" of sharing information with Verizon.
Privacy

Paperless Statements Not Always Best Choice, Says New Report 167

HughPickens.com writes: Ann Carrns reports at the NYT that despite a push by financial institutions to switch customers to digital statements from paper, the traditional hard-copy version may work better for some people, in particuar particular, older, less educated and lower-income consumers who may lack fast Internet connections at home. According to a new report from the National Consumer Law Center, even consumers who know the Internet may simply prefer paper, because statement notifications can easily be overlooked in a deluge of email. Also unlike paper statements, which can be neatly collected and filed away, going paperless on multiple accounts will mean having that information scattered under different user names and passwords. You may also be surprised to learn you have to pay for copies of some older statements. "If you have a system for organizing your paper statements, you should think about how that's going to translate online," says Jim Bruene. Finally you may not be able to go back as far with paperless statements. At Verizon, cellphone customers get up to 12 months of past statements. Customers can also request older statements dating back seven years for $5 per copy.

Under federal law, banks must obtain consent from consumers to deliver statements electronically. But banks are sometimes aggressive in encouraging customers to opt out of receiving paper statements. Last summer, holders of some Chase credit cards received pop-up ads when they logged into their accounts online, asking them to switch to electronic statements. The notice said "Action Required," even though no action was necessary if cardholders simply wanted to continue receiving paper statements. The screen showed buttons for "accept" and "manage my preferences," but not for "decline."
Crime

Pirates Hacked Shipping Firm's CMS To Plan Attacks, Find Valuable Cargo (softpedia.com) 104

An anonymous reader writes: Verizon's most recent Data Breach Digest includes a curious hacking case. Apparently a group of sea pirates have hired a hacker who uploaded a Web shell to a shipping company's CMS that allowed them to download cargo inventories and ship routes. They then used this information to attack ships, equipped with a barcode reader (and weapons of course), searching specific crates, emptying all the high-value cargo, and making off with the loot within minutes of launching their attacks.
Intel

AT&T and Intel Team Up To Test Drone Technology (venturebeat.com) 23

New submitter MitchRandall writes: Wireless provider AT&T Inc said on Monday it will partner with chipmaker Intel Corp to test the functionality of drones on its high-speed LTE wireless network. AT &T will work with Intel to examine the efficiency of drones on its LTE network at higher altitudes and potential interference with airwaves related to areas such as video streaming and flight information, AT&T said in a statement. Intel has been aggressively investing in drone technology in recent years. With the U.S. wireless market over-saturated, AT&T is betting on growth from the 'Internet of Things', or web-connected machines and gadgets from cars, home appliances to drones, a new battleground for the company and rivals ranging from Verizon Communications Inc to Amazon.com Inc.
Transportation

Surveillance Culture Brought To the Masses, Courtesy of Verizon (consumerist.com) 215

kheldan writes: Verizon is now offering a way to secretly track your family members' whereabouts and driving habits with your smartphone: "Do you have a teen driver in your household and want to know every time they get a little overzealous with the accelerator? Or maybe you're pretty sure your spouse's frequent trips to 'the office' are not so innocent? If so, then an upcoming update for Verizon's 'hum' in-car smart device might be just what you're looking for.' The new 'features' added will allow you to receive alerts if the target vehicle leaves a predetermined area, drives faster than a preset level, its location, and keeps a history of all the above for later review.
Verizon

Verizon's Mobile Video Won't Count Against Data Caps -- but Netflix Will (arstechnica.com) 106

Earthquake Retrofit writes: Ars Technica has a story about how Verizon Wireless is testing the limits of the Federal Communications Commission's net neutrality rules; Verizon has announced that it will exempt its own video service from mobile data caps—while counting data from competitors such as YouTube and Netflix against customers' caps.
Facebook

Top Telcos Join Facebook Open Source Hardware Project (thestack.com) 18

An anonymous reader sends word about the latest telcos to join Facebook's Open Compute Project. The Stack reports: "A new wave of communications companies has joined Facebook's non-profit Open Compute Project (OCP), including AT&T, Verizon, Deutsche Telekom and South Korea's SK Telecom, as the movement seeks to share innovative hardware designs and drive down costs in the telecom arena. An OCP sub-section focused entirely on telecom requirements has been set up to look into servers and networking efficiency in the field. As one of the largest hardware buyers, telcos will provide a significant new market for the project, alongside its successful data center efforts.
Wireless Networking

Verizon Vows To Build the First 5G Network In the US (networkworld.com) 103

alphadogg writes: Verizon says it will have the first 5G network in the U.S., a promise it probably can't fulfill until 2020 but will start working at this year. Verizon Chief Financial Officer Fran Shammo made the pledge Thursday on the company's fourth-quarter financial results call. He also repeated the company's plans for so-called 5G trials this year.
Security

Teen Hacks US Intelligence Chief's Personal Accounts (vice.com) 132

An anonymous reader writes: The U.S. Director of National Intelligence, James Clapper, has now joined the CIA's John Brennan in having his personal online accounts hacked. A teenage hacker known as 'Cracka' has claimed responsibility for the hack, reporting that he had infiltrated Clapper's home telephone, online accounts and his personal email, as well as his wife's Yahoo account. Cracka had managed to change the settings on Clapper's Verizon Fios account so that any calls to his home number were redirected to the Free Palestine Movement group in California.
Verizon

Verizon Accused of Helping Spammers By Routing Millions of Stolen IP Addresses (spamhaus.org) 120

An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality."
Verizon

Verizon Launches Auction To Sell Data Centers (reuters.com) 39

operator_error writes: Verizon has now chosen to reverse "its strategy to expand in hosting and colocation services after it acquired data center operator Terremark Worldwide Inc in 2011 for $1.4 billion", and has "started a process to sell its data center assets". The so-called 'colocation' portfolio up for sale includes 48 data centers, and generates annual earnings before interest, tax, depreciation and amortization of around $275 million. The enterprise telecommunications industry has had to adapt in recent years to corporate customers seeking more sophisticated and cheaper offerings to manage their data. Verizon joins a host of its rivals in telecommunications who are shedding their data centers.

Slashdot Top Deals