Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

How Vigilante Hackers Could Stop the Internet of Things Botnet ( 6

An anonymous reader quotes a report from Motherboard: Some have put forth a perhaps desperate -- and certainly illegal -- solution to stop massive internet outages, like the one on Friday, from happening: Have white-hat vigilante hackers take over the insecure Internet of Things that the Mirai malware targets and take them away from the criminals. Several hackers and security researchers agree that taking over the zombies in the Mirai botnet would be relatively easy. After all, if the "bad guys" Mirai can do it, a "good guys" Mirai -- perhaps even controlled by the FBI -- could do the same. The biggest technical hurdle to this plan, as F-Secure chief research officer Mikko Hypponen put it, is that once it infects a device, Mirai "closes the barn door behind it." Mirai spreads by scanning the internet for devices that have the old-fashioned remote access telnet protocol enabled and have easy to guess passwords such as "123456" or "passwords." Then, once it infects them, it disables telnet access, theoretically stopping others from doing the same. The good news is that the code that controls this function actually doesn't at times work very well, according to Darren Martyn, a security researcher who has been analyzing the malware and who said he's seen some infected devices that still have telnet enabled and thus can be hacked again. Also, Mirai disappears once an infected device is rebooted, which likely happens often as owners of infected cameras and DVRs try to fix their devices that suddenly have their bandwidth saturated. The bad news is that the Mirai spreads so fast that a rebooted, clean, device gets re-infected in five minutes, according to the estimates of researchers who've been tracking the botnets. So a vigilante hacker has a small window before the bad guys come back. The other problem is what a do-gooder hacker could do once they took over the botnet. The options are: brick the devices, making them completely unusable; change the default passwords, locking out even their legitimate owners; or try to fix their firmware to make them more resistant to future hack attempts, and also still perfectly functioning. The real challenge of this whole scenario, however, is that despite being for good, this is still illegal. "No one has any real motivation to do so. Anyone with the desire to do so, is probably afraid of the potential jail time. Anyone not afraid of the potential jail time...can think of better uses for the devices," Martyn told Motherboard, referring to criminals who can monetize the Mirai botnet.

Comcast Sues Nashville To Halt Rules That Give Google Fiber Faster Access To Utility Poles ( 38

An anonymous reader quotes a report from Ars Technica: Comcast yesterday sued the Nashville metro government and mayor to stop a new ordinance designed to give Google Fiber faster access to utility poles. Comcast's complaint in U.S. District Court in Nashville (full text) is similar to one already filed by AT&T last month. Both ISPs are trying to invalidate a One Touch Make Ready ordinance that lets new ISPs make all of the necessary wire adjustments on utility poles themselves instead of having to wait for incumbent providers like AT&T and Comcast to send work crews to move their own wires. The ordinance was passed largely to benefit Google Fiber, which is offering service in Nashville but says that it hasn't been able to deploy faster because it is waiting to get access to thousands of poles. Nearly all the Nashville utility poles are owned either by the municipal Nashville Electric Service or AT&T. Because Comcast has wires on many of the poles, it has some control over how quickly Google Fiber can expand its network. When Google Fiber wants to attach wires to a new pole, it needs to wait for ISPs like Comcast to move their wires to make room for Google Fiber's. The Nashville One Touch Make Ready ordinance "permits third parties to move, alter, or rearrange components of Comcast's communications network attached to utility poles without Comcast's consent, authorization, or oversight, and with far less notice than is required by federal law and by an existing Comcast contract with Metro Nashville," Comcast's complaint said. Comcast asked the court to declare the ordinance invalid and permanently enjoin Nashville from enforcing it. The pre-existing Make Ready process "seek[s] to ensure that all providers can share available pole space cooperatively and safely, without interfering with or damaging any provider's equipment or services," Comcast said. The new procedures mandated by Nashville "are so intrusive that, tellingly, Metro Nashville has wholly exempted its own utility pole attachments from the Ordinance's coverage." Even though Google Fiber announced yesterday that it will pause operations and cut 9% of its staff, the ISP said it would continue operations in Nashville.

Dyn DNS DDoS Likely The Work of Script Kiddies, Says FlashPoint ( 48

While nobody knows exactly who was responsible for the internet outrage last Friday, business risk intelligence firm FlashPoint released a preliminary analysis of the attack agains Dyn DNS, and found that it was likely the work of "script kiddies" or amateur hackers -- as opposed to state-sponsored actors. TechCrunch reports: Aside from suspicion falling on Russia, various entities have also claimed or implied responsibility for the attack, including a hacking group called the New World Hackers and -- bizarrely -- WikiLeaks, which put a (perhaps joke) tweet suggesting some of its supporters might be involved. FlashPoint dubs these claims "dubious" and "likely to be false," and instead comes down on the side of the script kidding theory. Its reasoning is based on a few factors, including a detail it unearthed during its investigation of the attack: namely that the infrastructure used in the attack also targeted a well-known video game company. The attack on Dyn DNS was powered in part by a botnet of hacked DVRs and webcams known as Mirai. The source code for the malware that controls this botnet was put on Github earlier this month. And FlashPoint also notes that the hacker who released Mirai is known to frequent a hacking forum called hackforums[.]net. That circumstantial evidence points to a link between the attack and users and readers of the English-language hacking community, with FlashPoint also noting the forum has been known to target video games companies. It says it has "moderate confidence" about this theory. The firm also argues that the attacks do not seem to have been financially or politically motivated -- given the broad scope of the targets, and the lack of any attempts to extort money. Which just leaves the most likely being motivation to show off skills and disrupt stuff. Aka, script kiddies.

Apple To Help Viewers Discover TV Shows Through an App ( 40

Apple plans to announce a new way for viewers to discover TV shows through an app, according to a report on USA Today. The app will release as soon as this week, the report adds. From the article: Described to network executives as "the Watch List," the app will recommend shows based on the content viewers access through their Apple TVs. For example, a subscriber to FX Networks might be encouraged to check out the new dramatic series Atlanta. This new approach of distilling recommendations into a single app builds on the improvements in search and discovery that Apple introduced last year, with the fourth update to its Apple TV streaming box.

Apple's Annual Sales Fall For First Time Since 2001 ( 207

An anonymous reader quotes a report from CNNMoney: Apple just posted its first annual sales decline since 2001, the year it launched the iPod and kicked off a tremendous run of groundbreaking products. The tech company revealed Tuesday that annual sales fell to $216 billion in the 2016 fiscal year ending September 30, from a record $234 billion in 2015. The sales decline is closely connected to the falling sales for the iPhone, which remains Apple's largest source of revenue. Apple sold 45.5 million iPhones in the September quarter, down from 48 million iPhones in the same quarter a year earlier. That marks the third consecutive quarter when iPhone sales and overall revenue have declined from a year prior. Many analysts have raised concerns that the global smartphone market is saturated. Customers are taking longer to replace their phones. And Apple's latest iPhone is a dead ringer for the previous two models, eliminating some of the desire to upgrade. The good news is that this sales decline may prove to be a blip and not the new norm. Apple is projecting that it will post sales of $76 billion to $78 billion in the upcoming quarter, up from $74.8 billion a year earlier.

Yahoo Scanning Order Unlikely To Be Made Public: Reuters ( 55

An anonymous reader quotes a report from Reuters: Obama administration officials briefed key congressional staffers last week about a secret court order to Yahoo that prompted it to search all users' incoming emails for a still undisclosed digital signature, but they remain reluctant to discuss the unusual case with a broader audience. Executive branch officials spoke to staff for members of the Senate and House of Representatives committees overseeing intelligence operations and the judiciary, according to people briefed on the events, which followed Reuters' disclosure of the massive search. But attempts by other members of Congress and civil society groups to learn more about the Yahoo order are unlikely to meet with success anytime soon, because its details remain a sensitive national security matter, U.S. officials told Reuters. Release of any declassified version of the order is unlikely in the foreseeable future, the officials said. The decision to keep details of the order secret comes amid mounting pressure on the U.S. government to be more transparent about its data-collection activities ahead of a congressional deadline next year to reauthorize some foreign intelligence authorities. On Tuesday, more than 30 advocacy groups will send a letter to Director of National Intelligence James Clapper asking for declassification of the Yahoo order that led to the search of emails last year in pursuit of data matching a specific digital symbol. The groups say that Title I of the Foreign Intelligence Surveillance Act, under which sources said the order was issued, requires a finding that the target of such a wiretap is probably an agent of a foreign power and that the facility to be tapped is probably going to be used for a transmission. An entire service, such as Yahoo, has never publicly been considered to be a "facility" in such a case: instead, the word usually refers to a phone number or an email account.

Snapchat, Skype Put Users' 'Human Rights at Risk', Amnesty Int'l Reports ( 46

Shanika Gunaratna, writing for CBS News: Snapchat and Skype are falling short in protecting users' privacy -- a failure that puts users' "human rights at risk," according to a report by the organization Amnesty International. Snapchat and Skype received dismal grades in a new set of rankings released by Amnesty that specifically evaluate how popular messaging apps use encryption to protect users' private communications. In the report, Amnesty is trying to elevate encryption as a human rights necessity, due to concerns that activists, opposition politicians and journalists in some countries could be put in grave danger if their communications on popular messaging apps were compromised. "Activists around the world rely on encryption to protect themselves from spying by authorities, and it is unacceptable for technology companies to expose them to danger by failing to adequately respond to the human rights risks," Sherif Elsayed-Ali, head of Amnesty's technology and human rights team, said in a statement. "The future of privacy and free speech online depends to a very large extent on whether tech companies provide services that protect our communications, or serve them up on a plate for prying eyes."Microsoft's Skype received 40 out of 100. WhatsApp fared at 73, and Apple scored 67 out of 100 for its iMessage and FaceTime apps. BlackBerry, Snapchat, and China's Tencent did 30 out of 100.

Latest WikiLeaks Reveal Suggests Facebook Is Too Close For Comfort With Clinton ( 414

MojoKid writes: As we quickly approach the November 8th elections, email leaks from the Clinton camp continue to loom over the presidential candidate. The latest data dump from WikiLeaks shines a light on emails between Hillary Clinton's campaign manager, John Podesta and Facebook Chief Operating Officer, Sheryl Sandberg. In one email exchange, dated June 6th, 2015, Sandberg expresses her desire for Clinton to become president, writing to Podesta, "And I still want HRC to win badly. I am still here to help as I can." While that was a private exchange, Sandberg also made her zest for seeing Clinton as the 45th President of the United States publicly known in a Facebook post on July 28th of this year. None of that is too shocking when you think about it. Sandberg has every right to endorse whichever candidate she wants for president. However, a later exchange between Sandberg and Podesta showed that Mark Zuckerberg was looking to get in on the action a bit, and perhaps curry favor with Podesta and the Clinton camp in shaping public policy. Donald Trump has long claimed that Clinton is too cozy with big businesses, and one cannot dismiss the fact that Facebook has a global user base of 1.7 billion users. When you toss in the fact that Facebook came under fire earlier this year for allegedly suppressing conservative news outlets in the Trending News bar, questions begin to arise about Facebook's impartiality in the political race. The report also notes that Sandberg is at the top of the list when it comes to picks for Treasury Secretary, if Clinton wins the election. In an interview with Politico, David Segal, executive director for Demand Progress, said "[Sandberg] is a proxy for this growing problem that is the hegemony of five to ten major Silicon Valley platforms." Lina Khan, a fellow with the Open Markets Program at the New American think tank adds: "If a senior Cabinet member is from Facebook, at worst it could directly interfere [in antitrust actions]. But even in the best of cases there's a real worry that it will have a chilling effect on good-faith antitrust efforts to scrutinize potential anti-competitive implications of dominant tech platforms."

Consumer Reports Ranks Tesla Model X Near Bottom For Reliability ( 131

Last year, Consumer Reports withdrew its recommendation for the Tesla Model S after investigating its reliability. Today, the nonprofit organization released its 2016 Car Reliability Survey and found that, while the Tesla Model S has become more reliable, the Tesla Model X has proved to be unreliable overall. CNNMoney reports: CEO Elon Musk admitted that he wished he hadn't put so much new, complex technology on [the Model X] all at once when he unveiled the model last year. Apparently, he was right to worry. The Model X's complicated "falcon wing" doors have been a big trouble spot, said Jake Fisher, head of Consumer Reports' car testing unit. Even the front doors, which have electric motors that let them open on their own, have been a headache for customers, he added. As a result, Tesla ranks among the "Less Reliable" brands on Consumer Reports' list. The SUV's dependability is rated as "Much worse than average." Still, overall owner satisfaction with the vehicle is rated as "Excellent." For a long time, "dependability problems" have tended to be relatively trivial, said Fisher, as the industry has perfected the major mechanical aspects of the cars. In recent years, the problems have stemmed from the more high-tech additions to the newest cars, like the computer screens that work with phone, navigation and entertainment features, said Fisher. But now, with tougher fuel economy rules pushing more complex transmission technologies, dependability issues are once again starting to involve fundamental mechanical components. New eight- and nine-speed transmissions as well as dual-clutch and continuously variable transmissions have been suffering problems at a higher-than-average rate, Fisher said. It's been years since new car buyers would have to worry about things that could actually render their vehicle undrivable. But those concerns are coming back, Fisher said. As for the Model S, Consumer Reports says "Tesla's Model S has improved to average reliability, which now makes the electric car one of our recommended models."

Internet is Becoming Unreadable Because of a Trend Towards Lighter, Thinner Fonts ( 323

An anonymous reader writes: The internet is becoming unreadable because of a trend towards lighter and thinner fonts, making it difficult for the elderly or visually-impaired to see words clearly, a web expert has found. Where text used to be bold and dark, which contrasted well with predominantly white backgrounds, now many websites are switching to light greys or blues for their type. Award winning blogger Kevin Marks, founder of Microformats and former vice president of web services at BT, decided to look into the trend after becoming concerned that his eyesight was failing because he was increasingly struggling to read on screen text. He found a 'widespread movement' to reduce the contrast between the words and the background, with tech giants Apple, Google and Twitter all altering their typography. True black on white text has a contrast ratio of 21:1 -- the maximum which can be achieved. Most technology companies agree that it is good practice for type to be a minimum of 7:1 so that the visually-impaired can still see text. But Mr Marks, found that even Apple's own typography guidelines, which recommended 7:1 are written in a contrast ratio of 5.5:1.

Women in Computing To Decline To 22% by 2025, Study Warns ( 556

New research warns that at the rate we're going, the number of women in the computing workforce will decline to 22% from 24% by 2025 if nothing is done to encourage more of them to study computer science. From a USA Today report (shared by an anonymous reader): The research from Accenture and nonprofit group Girls Who Code says taking steps now to encourage more women to pursue a computer science education could triple the number of women in computing to 3.9 million in that same timeframe. Women account for 24% of computing jobs today, but could account for 39% by 2025, according to the report, Cracking the Gender Code. And greater numbers of women entering computer science could boost women's cumulative earnings by $299 billion and help the U.S. fill the growing demand for computing talent, said Julie Sweet, Accenture's group chief executive for North America.

US Police Consider Flying Drones Armed With Stun Guns ( 162

Slashdot reader Presto Vivace tipped us off to news reports that U.S. police officials are considering the use of flying drones to taser their suspects. From Digital Trends: Talks have recently taken place between police officials and Taser International, a company that makes stun guns and body cameras for use by law enforcement, the Wall Street Journal reported on Thursday. While no decision has yet been made on whether to strap stun guns to remotely controlled quadcopters, Taser spokesman Steve Tuttle said his team were discussing the idea with officials as part of broader talks about "various future concepts."

Tuttle told the Journal that such technology could be deployed in "high-risk scenarios such as terrorist barricades" to incapacitate the suspect rather than kill them outright... However, critics are likely to fear that such a plan would ultimately lead to the police loading up drones with guns and other weapons. Portland police department's Pete Simpson told the Journal that while a Taser drone could be useful in some circumstances, getting the public "to accept an unmanned vehicle that's got some sort of weapon on it might be a hurdle to overcome."

The article points out that there's already a police force in India with flying drones equipped with pepper spray.

Photographer Glimpses Larry Page's Flying Car Hovering In California (Maybe) ( 88

From Hollister, California -- population 40,000 -- comes a good update from the Mercury News on Larry Page's efforts to fund a flying car: Even from a few hundred yards away, the aircraft made a noise strikingly different from the roar of a typical plane. "It sounded like an electric motor running, just a high-pitched whine," said Steve Eggleston, assistant manager at an airplane-parts company with offices bordering the Hollister Municipal Airport tarmac. But it wasn't only the sound that caught the attention of Eggleston and his co-workers at DK Turbines. It was what the aircraft was doing. "What the heck's that?" saleswoman Brittany Rodriguez thought to herself. It's just hovering."

That, apparently, was a flying car, or perhaps a prototype of another sort of aircraft under development by a mysterious startup called of two reportedly funded by Google co-founder Larry Page to develop revolutionary forms of transportation... A Zee.Aero spokeswoman said the firm is "currently not discussing (its) plans publicly." However, a Zee.Aero patent issued in 2013 describes in some detail an aircraft capable of the hovering seen by people working at the airport. And the drawings showcase a vision of the future in which flying cars park in lots just like their terrestrial, less-evolved cousins.

Page has invested $100 million in Zee.Aero, which appears to have hired more than 100 aerospace engineers. But the article reports that apparently, in the small town where it's headquartered, "the first rule about Zee.Aero is you don't talk about Zee.Aero."

'Picat' Programming Language Creators Surprised With A $10,000 Prize ( 62

An anonymous reader writes: "I didn't even know they gave out prizes," said a Brooklyn College CS professor, remembering how he'd learned that a demo of the Picat programming language won a $10,000 grand prize last month at the NYC Media Lab Summit. Professor Neng-Fa Zhou created Picat with programmer Jonathan Fruhman, and along with graduate student Jie Mei they'd created a demo titled "The Picat Language and its Application to Games and AI Problems" to showcase the language's ability to solve combinatorial search problems, "including a common interface with CP, SAT, and MIP solvers."

Mie tells the Brooklyn College newspaper that Picat "is a multi-paradigm programming language aimed for general-purpose applications, which means theoretically it can be used for everything in life," and Zhou says he wants to continue making the language more useful in a variety of settings. "I want this to be successful, but not only academically... When you build something, you want people to use it. And this language has become a sensation in our community; other people have started using it."


Amazon May Handle 30% Of All US Retail Sales ( 70

An anonymous reader quotes USA Today: Amazon's yearly sales account for about 15% of total U.S. consumer online sales, according to the company's statements and the Department of Commerce. But the Seattle e-commerce company may actually be handling double that amount -- 20% to 30% of all U.S. retail goods sold online -- thanks to the volume of sales it transacts for third parties on its website and app. Only a portion of those sales add to its revenue.

"The punchline is that Amazon's twice as big as people give them credit for, because there's this iceberg under the surface, but you only see the tip," said Scot Wingo, executive chairman of Channel Advisor, an e-commerce software company that works with thousands of online sellers. When third-party sales are taken into account, Amazon's share of what U.S. shoppers spend online could be as high as $125 billion yearly...

Amazon's share will grow even larger when they can offer two-hour deliveries, warns one analyst, while another puts it more succinctly. "Amazon's just going to slowly grab more and more of your wallet."

Slashdot Top Deals