Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Pornhub Offers To Buy Vine Because 'Six Seconds Is More Than Enough' ( 56

An anonymous reader quotes a report from CNET: Earlier on Thursday Twitter announced it was ending Vine's short run, and the adult site was quick to come to the rescue -- maybe. In a letter from Pornhub VP Corey Price to Twitter CEO Jack Dorsey that was shared with CNET, Price lays out the rationale: "We figure since Twitter has dropped (Vine) and is having significant layoffs, that you and your stakeholders could benefit from a cash infusion from the sale of Vine. Not to mention we would be saving Vine gems like 'Damn Daniel,' 'Awkward Puppets' and many more." Pornhub also promises to "restore Vine to Its NSFW glory," saying that clips "of porn in six seconds is more than enough time for most people to enjoy themselves." Unless pointing out a company's recent hardships in a letter and sharing it with a reporter is the latest Silicon Valley negotiating tactic, it seems pretty clear that the offer is a tongue-in-cheek jab at Twitter and its decision to shutter the video looping platform that has caused so much joy and often humiliation. But who knows, maybe Twitter will be willing to deal with Pornhub.

Twitter is Shutting Down Its Video App Vine ( 59

Twitter's plan to refocus on its core business consists of laying off 9 percent of its staff, and also killing off Vine. The company announced today that it will shut down Vine's video app in the coming months. From a Recode report: Vine has been struggling for some time, so Thursday's move is surprising but not unbelievable. The app was never a revenue driver for the company, and it was no longer growing. Many of its top executives left over the spring and early summer. What's interesting is that Twitter is shutting the app down instead of trying to sell it off. Or perhaps it did try and simply couldn't find a buyer (like a buyer for itself). Either way, Vine will soon shut down. The company says that users will be able to download their Vine videos before that happens, but there has been no specific timetable announced. Vine general manager Hannah Davis, who just joined the company this spring, will stay on to oversee the transition, according to a spokesperson.

Twitter Is Cutting 9% of Its Global Workforce ( 87

Twitter is planning to lay off 9 percent of its global workforce, as the ailing San Francisco tech giant struggles to please Wall Street despite beating earnings expectations. The company officially announced the cuts today in its third-quarter earnings, days after reports began to surface of the impending cuts. AdWeek reports: According to Twitter, the majority of the reductions will take place in its sales, partnerships and marketing divisions in order to "continue to fully fund our highest priorities," according to a letter to shareholders. However, the earnings also came with some good news. Total monthly active users grew for the second consecutive quarter to 317 million users, gaining 4 million over the past three months since its second-quarter results. Daily active users also increased, rising 7 percent year over year. Twitter's revenue totaled $616 million -- an 8 percent increase year over year. Earnings per share totaled 13 cents, beating expectations of 9 cents per share and $606 million in total revenue. However, the company reported profit fell by $103 million.

WhatsApp Is Rolling Out Video Calls On Its Android App ( 42

WhatsApp appears to be rolling out its video calling feature for beta users of the Android app. The arrival of the feature was first spotted by Android Police, which found that an updated app interface caused some users of the beta builds of the application to be able to access video calling. TechCrunch reports: For those on a version of WhatsApp which includes video calling support, you're able to tap the call button or tap on a contact card to kick off a video call. In this case, a new dialog box will appear, offering the choice between a standard voice call and a video call. In addition, the call log will show which calls were made via video by annotating them with the camera icon, instead of the telephone icon. However, there isn't yet a way to call other WhatsApp users who don't also have video calling support. If you try to, WhatsApp defaults to a voice call. Android isn't the only platform where video calling has been switched on. Last week, some users on the WhatsApp beta for Windows Phone were also surprised to find that the feature was now functional. And in this case, it didn't require an app update -- indicating a server-side change could enable it. Some users have also reported seeing the feature on iOS.

How Vigilante Hackers Could Stop the Internet of Things Botnet ( 62

An anonymous reader quotes a report from Motherboard: Some have put forth a perhaps desperate -- and certainly illegal -- solution to stop massive internet outages, like the one on Friday, from happening: Have white-hat vigilante hackers take over the insecure Internet of Things that the Mirai malware targets and take them away from the criminals. Several hackers and security researchers agree that taking over the zombies in the Mirai botnet would be relatively easy. After all, if the "bad guys" Mirai can do it, a "good guys" Mirai -- perhaps even controlled by the FBI -- could do the same. The biggest technical hurdle to this plan, as F-Secure chief research officer Mikko Hypponen put it, is that once it infects a device, Mirai "closes the barn door behind it." Mirai spreads by scanning the internet for devices that have the old-fashioned remote access telnet protocol enabled and have easy to guess passwords such as "123456" or "passwords." Then, once it infects them, it disables telnet access, theoretically stopping others from doing the same. The good news is that the code that controls this function actually doesn't at times work very well, according to Darren Martyn, a security researcher who has been analyzing the malware and who said he's seen some infected devices that still have telnet enabled and thus can be hacked again. Also, Mirai disappears once an infected device is rebooted, which likely happens often as owners of infected cameras and DVRs try to fix their devices that suddenly have their bandwidth saturated. The bad news is that the Mirai spreads so fast that a rebooted, clean, device gets re-infected in five minutes, according to the estimates of researchers who've been tracking the botnets. So a vigilante hacker has a small window before the bad guys come back. The other problem is what a do-gooder hacker could do once they took over the botnet. The options are: brick the devices, making them completely unusable; change the default passwords, locking out even their legitimate owners; or try to fix their firmware to make them more resistant to future hack attempts, and also still perfectly functioning. The real challenge of this whole scenario, however, is that despite being for good, this is still illegal. "No one has any real motivation to do so. Anyone with the desire to do so, is probably afraid of the potential jail time. Anyone not afraid of the potential jail time...can think of better uses for the devices," Martyn told Motherboard, referring to criminals who can monetize the Mirai botnet.

Dyn DNS DDoS Likely The Work of Script Kiddies, Says FlashPoint ( 83

While nobody knows exactly who was responsible for the internet outrage last Friday, business risk intelligence firm FlashPoint released a preliminary analysis of the attack agains Dyn DNS, and found that it was likely the work of "script kiddies" or amateur hackers -- as opposed to state-sponsored actors. TechCrunch reports: Aside from suspicion falling on Russia, various entities have also claimed or implied responsibility for the attack, including a hacking group called the New World Hackers and -- bizarrely -- WikiLeaks, which put a (perhaps joke) tweet suggesting some of its supporters might be involved. FlashPoint dubs these claims "dubious" and "likely to be false," and instead comes down on the side of the script kidding theory. Its reasoning is based on a few factors, including a detail it unearthed during its investigation of the attack: namely that the infrastructure used in the attack also targeted a well-known video game company. The attack on Dyn DNS was powered in part by a botnet of hacked DVRs and webcams known as Mirai. The source code for the malware that controls this botnet was put on Github earlier this month. And FlashPoint also notes that the hacker who released Mirai is known to frequent a hacking forum called hackforums[.]net. That circumstantial evidence points to a link between the attack and users and readers of the English-language hacking community, with FlashPoint also noting the forum has been known to target video games companies. It says it has "moderate confidence" about this theory. The firm also argues that the attacks do not seem to have been financially or politically motivated -- given the broad scope of the targets, and the lack of any attempts to extort money. Which just leaves the most likely being motivation to show off skills and disrupt stuff. Aka, script kiddies.
Desktops (Apple)

It Looks Like Apple is Killing the Physical Esc and Power Keys On New MacBook Pro 523

Curious minds on the internet have uncovered an image file on their Mac, which was added by Apple in the latest macOS update. The image reveals a new laptop that fully fits the description of rumored MacBook Pro, which Apple is expected to launch on October 27. The laptop in the picture has what seems like a "contextual" OLED display (some are calling it Magic Toolbar display) on the top. What's interesting from that picture is that there's no physical Escape key or Power key to be found anywhere.

Editor's note: We usually tend to avoid covering leaks and rumors, but several readers pitched the story to us, and media outlets are also covering it now, which adds some credibility to the matter.

Latest WikiLeaks Reveal Suggests Facebook Is Too Close For Comfort With Clinton ( 431

MojoKid writes: As we quickly approach the November 8th elections, email leaks from the Clinton camp continue to loom over the presidential candidate. The latest data dump from WikiLeaks shines a light on emails between Hillary Clinton's campaign manager, John Podesta and Facebook Chief Operating Officer, Sheryl Sandberg. In one email exchange, dated June 6th, 2015, Sandberg expresses her desire for Clinton to become president, writing to Podesta, "And I still want HRC to win badly. I am still here to help as I can." While that was a private exchange, Sandberg also made her zest for seeing Clinton as the 45th President of the United States publicly known in a Facebook post on July 28th of this year. None of that is too shocking when you think about it. Sandberg has every right to endorse whichever candidate she wants for president. However, a later exchange between Sandberg and Podesta showed that Mark Zuckerberg was looking to get in on the action a bit, and perhaps curry favor with Podesta and the Clinton camp in shaping public policy. Donald Trump has long claimed that Clinton is too cozy with big businesses, and one cannot dismiss the fact that Facebook has a global user base of 1.7 billion users. When you toss in the fact that Facebook came under fire earlier this year for allegedly suppressing conservative news outlets in the Trending News bar, questions begin to arise about Facebook's impartiality in the political race. The report also notes that Sandberg is at the top of the list when it comes to picks for Treasury Secretary, if Clinton wins the election. In an interview with Politico, David Segal, executive director for Demand Progress, said "[Sandberg] is a proxy for this growing problem that is the hegemony of five to ten major Silicon Valley platforms." Lina Khan, a fellow with the Open Markets Program at the New American think tank adds: "If a senior Cabinet member is from Facebook, at worst it could directly interfere [in antitrust actions]. But even in the best of cases there's a real worry that it will have a chilling effect on good-faith antitrust efforts to scrutinize potential anti-competitive implications of dominant tech platforms."

Twitter Plans To Cut About 300 Jobs As Soon As This Week: Bloomberg ( 105

An anonymous reader quotes a report from Bloomberg: Twitter Inc. is planning widespread job cuts, to be announced as soon as this week, according to people familiar with the matter. The company may cut about 8 percent of the workforce, or about 300 people, the same percentage it did last year when co-founder Jack Dorsey took over as chief executive officer, the people said. Planning for the cuts is still fluid and the number could change, they added. An announcement about the job reductions may come before Twitter releases third-quarter earnings on Thursday, one of the people said. Twitter, which loses money, is trying to control spending as sales growth slows. The company recently hired bankers to explore a sale, but the companies that had expressed interest in bidding -- Inc., The Walt Disney Co. and Alphabet Inc. -- later backed out from the process. Twitter's losses and 40 percent fall in its share price the past 12 months have made it more difficult for the company to pay its engineers with stock. That has made it harder for Twitter to compete for talent with giant rivals like Alphabet Inc.'s Google and Facebook Inc. Reducing employee numbers would relieve some of this pressure.

New York Times Buys The Wirecutter For $30 Million ( 40

An anonymous reader quotes a report from Recode: The New York Times is buying The Wirecutter, a five-year-old online consumer guide. The Times will pay more than $30 million, including retention bonuses and other payouts, for the startup, according to people familiar with the transaction. Brian Lam, a former editor at Gawker Media's Gizmodo, founded The Wirecutter in 2011, and has self-funded the company's growth. The Wirecutter provides recommendations for electronics and other gadgets that are both obsessively researched and simply presented. The Wirecutter also owns The Sweethome, which takes the same approach for home appliances and other gear. "We're very excited about this acquisition on two fronts," said Mark Thompson, CEO of The New York Times Company, in the acquisition release. "It's an impressively run business with a very attractive revenue model and its success is built on the foundation of great, rigorously reported service journalism." The Wirecutter tweeted earlier today: "Hey, we're still us. But we're a part of The New York Times now."

Internet is Becoming Unreadable Because of a Trend Towards Lighter, Thinner Fonts ( 329

An anonymous reader writes: The internet is becoming unreadable because of a trend towards lighter and thinner fonts, making it difficult for the elderly or visually-impaired to see words clearly, a web expert has found. Where text used to be bold and dark, which contrasted well with predominantly white backgrounds, now many websites are switching to light greys or blues for their type. Award winning blogger Kevin Marks, founder of Microformats and former vice president of web services at BT, decided to look into the trend after becoming concerned that his eyesight was failing because he was increasingly struggling to read on screen text. He found a 'widespread movement' to reduce the contrast between the words and the background, with tech giants Apple, Google and Twitter all altering their typography. True black on white text has a contrast ratio of 21:1 -- the maximum which can be achieved. Most technology companies agree that it is good practice for type to be a minimum of 7:1 so that the visually-impaired can still see text. But Mr Marks, found that even Apple's own typography guidelines, which recommended 7:1 are written in a contrast ratio of 5.5:1.

Slashdot Asks: How Can We Prevent Packet-Flooding DDOS Attacks? ( 349

Just last month Brian Krebs wrote "What appears to be missing is any sense of urgency to address the DDoS threat on a coordinated, global scale," warning that countless ISPs still weren't implementing the BCP38 security standard, which was released "more than a dozen years ago" to filter spoofed traffic. That's one possible solution, but Slashdot reader dgallard suggests the PEIP and Fair Service proposals by Don Cohen: PEIP (Path Enhanced IP) extends the IP protocol to enable determining the router path of packets sent to a target host. Currently, there is no information to indicate which routers a packet traversed on its way to a destination (DDOS target), enabling use of forged source IP addresses to attack the target via packet flooding... Rather than attempting to prevent attack packets, instead PEIP provides a way to rate-limit all packets based on their router path to a destination.
I've also heard people suggest "just unplug everything," but on Friday the Wall Street Journal's Christopher Mim suggested another point of leverage, tweeting "We need laws that allow civil and/or criminal penalties for companies that sell systems this insecure." Is the best solution technical or legislative -- and does it involve hardware or software? Leave your best thoughts in the comments. How can we prevent packet-flooding DDOS attacks?
The Media

More NFL Players Attack Microsoft's $400M Surface Deal With The NFL ( 236

An anonymous reader writes; "These tablets always malfunction," complained one NFL offensive lineman in January, foreshadowing a growing backlash to Microsoft's $400 million deal with the NFL to use Surface tablets. Friday the coach of the San Francisco 49ers and their controversial quarterback Colin Kaepernick both complained they've also experienced problems, with Kaepernick saying the screen freezes "every once in a while and they have to reboot it."

Friday Microsoft called their tablet "the center of the debate on the role of technology in the NFL," saying they deeply respect NFL teams "and the IT pro's who work tirelessly behind the scenes to help them succeed." It included quotes from NFL quarterbacks -- for example, "Every second counts and having Microsoft Surface technology on sidelines allows players and coaches to analyze what our opponents are trying to do in almost real time." But Yahoo Finance wrote that "The quotes read like they were written by the Microsoft public relations team," arguing that Microsoft's NFL deal "has been a disaster... The tablets failed to work during a crucial AFC Championship game last January -- again for the New England Patriots... sports media interpreted that the malfunction benefited the Broncos on the field, giving the team an unfair advantage -- the very last thing Microsoft's tablets, meant to aid coaches in their play calling, should be doing."

The NFL issued a statement calling Microsoft "an integral, strategic partner of the NFL," adding "Within our complex environment, many factors can affect the performance of a particular technology either related to or outside of our partner's solutions."

Who Should We Blame For Friday's DDOS Attack? ( 190

"Wondering which IoT device types are part of the Mirai botnet causing trouble today? Brian Krebs has the list," tweeted Trend Micro's Eric Skinner Friday, sharing an early October link which identifies Panasonic, Samsung and Xerox printers, and lesser known makers of routers and cameras. An anonymous reader quotes Fortune: Part of the responsibility should also lie with lawmakers and regulators, who have failed to create a safety system to account for the Internet-of-Things era we are now living in. Finally, it's time for consumers to acknowledge they have a role in the attack too. By failing to secure the internet-connected devices, they are endangering not just themselves but the rest of the Internet as well.
If you're worried, Motherboard is pointing people to an online scanning tool from BullGuard (a U.K. anti-virus firm) which checks whether devices on your home network are listed in the Shodan search engine for unsecured IoT devices. But earlier this month, Brian Krebs pointed out the situation is exacerbated by the failure of many ISPs to implement the BCP38 security standard to filter spoofed traffic, "allowing systems on their networks to be leveraged in large-scale DDoS attacks..."
United States

American 'Vigilante Hacker' Defaces Russian Ministry's Website ( 205

An anonymous Slashdot reader quotes CNN Money: An American vigilante hacker -- who calls himself "The Jester" -- has defaced the website of the Russian Ministry of Foreign Affairs in retaliation for attacks on American targets... "Comrades! We interrupt regular scheduled Russian Foreign Affairs Website programming to bring you the following important message," he wrote. "Knock it off. You may be able to push around nations around you, but this is America. Nobody is impressed."
In early 2015, CNN Money profiled The Jester as "the vigilante who hacks jihadists," noting he's a former U.S. soldier who now "single-handedly taken down dozens of websites that, he deems, support jihadist propaganda and recruitment efforts. He stopped counting at 179." That article argues that "the fact that he hasn't yet been hunted down and arrested says a lot about federal prosecutors and the FBI. Several cybersecurity experts see it as tacit approval."

"In an exclusive interview with CNNMoney this weekend, Jester said he chose to attack Russia out of frustration for the massive DNS cyberattack that knocked out a portion of the internet in the United States on Friday... 'I'm not gonna sit around watching these f----rs laughing at us.'"

WikiLeaks To Its Supporters: 'Stop Taking Down the US Internet, You Proved Your Point' ( 334

MojoKid writes: The Internet took a turn for the worst this morning, when large parts of the DNS network were brought down by a massive distributed denial of service attack (DDoS) targeting DNS provider Dyn. If you couldn't access Amazon, Twitter, and a host of other large sites and online services earlier today, this was why. Now, if a couple of additional tweets are to be believed, it appears supporters of WikiLeaks are responsible for this large scale DDoS attack on Dynamic Network Services Inc's Dyn DNS service. WikiLeaks is alleging that a group of its supporters launched today's DDoS attack in retaliation for the Obama administration using its influence to push the Ecuadorian government to limit Assange's internet access. Another earlier tweet reassures supporters that Mr. Assange is still alive, which -- along with a photo of heavily armed police posted this morning -- implies that he may have been (or may still be) in danger, and directly asks said supporters to stop the attack. WikiLeaks published this tweet a little after 5PM: "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point." It was followed by: "The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate."

AI Platform Assesses Trump's and Clinton's Emotional Intelligence ( 181

FastCompany got an exclusive look at how Hillary Clinton and Donald Trump stacked up in terms of their emotional intelligence when analyzed by HireVue's artificial intelligence platform. The platform analyzes "video, audio, and language patterns to determine emotional intelligence and sentiment." The company also partnered with Affectiva for facial analysis "to measure the candidate's emotional engagement correlated down to the micro-expressions level." FastCompany reports the findings: Trump versus Clinton across all three debates. Here we see the range of emotions both candidates showed during all three debates. Clinton seemed to dominate the top-right area, which represented both "joy" and facial expressions like smiles and smirks. Conversely, Trump had a stronghold on the "sadness," "disgust," and "fear" quadrants, along with both "negative sentiment" and "negative valence." The third debate. Looking more closely at just this week's debate, negativity prevailed. Both candidates exhibited disgust during the 90-minute spectacle. Trump, however, seemed to dominate the strongest emotions with heightened scores for "fear," "contempt," and "negative sentiment." Clinton, according to the data, presented the only positive emotional elements, which included some "joy" and "smiles." Clinton's performance. Clinton's range of emotions and reactions seemed pretty consistent throughout all three debates, although she exhibited the most positive emotions during the second. What's more, according to the graph, she was most negative during this week's debate. Trump's performance. Similar to Clinton, Trump's range of emotions seemed relatively consistent throughout the three debates. The third one, however, was when he emoted the most negatively. He smirked a lot during this event, too. "Negative sentiment," "contempt," and "anger" were persistent throughout all three conversations.

43 Million Weebly and 22 Million Foursquare Accounts Stolen ( 15

LeakedSource is reporting that the web design platform Weebly was hacked in February, affecting more than 43 million accounts. They have also reported a smaller hack involving 22.5 million Foursquare accounts, which were compromised in December 2013. TechCrunch: "We do not believe that any customer website has been improperly accessed," Weebly said in the notice to users. The company also said that it does not store credit card information, making fraudulent charges unlikely. LeakedSource said it received the Weebly database from an anonymous source and notified Weebly of the breach. In addition to the customer notification emails, LeakedSource claims that password resets are being issued -- but, if you're a Weebly user and you don't receive a password reset, you probably want to change your password anyway. Meanwhile, LeakedSource also identified data from Foursquare, claiming that 22.5 million accounts were compromised in December 2013. The social media company disputes the findings, claiming that email addresses were simply cross-referenced with publicly available data from Foursquare. The data includes emails, usernames and Facebook and Twitter IDs, which could have been scraped from Foursquare's API or search.

Amid Major Internet Outages, Affected Websites Have Lessons To Learn ( 135

Earlier today, Dyn, an internet infrastructure company, was hit by several DDoS attacks, which interestingly affected several popular websites including The New York Times, Reddit, Spotify, and Twitter that were directly or indirectly using Dyn's services. The attack is mostly visible across the US eastern seaboard with rest of the world noticing a few things broken here and there. Dyn says it's currently investigating a second round of DDoS attacks, though the severity of the outage is understandably less now. In the meantime, the Homeland Security said that it is aware of the attack and is investigating "all potential causes." Much of who is behind these attacks is unknown for now, and it is unlikely that we will know all the details until at least a few days. The attacks however have revealed how unprepared many websites are when their primary DNS provider goes down. ZDNet adds: The elephant in the room is that this probably shouldn't have happened. At very least there's a lot to learn already about the frailty of the internet DNS system, and the lack of failsafes and backups for websites and tech companies that rely on outsourced DNS service providers. "It's also a reminder of one risk of relying on multi-tenant service providers, be they DNS, or a variety of many other managed cloud service providers," said Steve Grobman, chief technology officer at Intel Security. Grobman warned that because this attack worked, it can be exploited again. "Given how much of our connected world must increasingly rely upon such cloud service providers, we should expect more such disruptions," he said. "We must place a premium of service providers that can present backup, failover, and enhance security capabilities allowing them to sustain and deflect such attacks." And that's key, because even though Dyn is under attack, it's the sites and services that rely on its infrastructure who should rethink their own "in case of emergency" failsafes. It may only be the east coast affected but lost traffic means lost revenue. Carl Levine, senior technical evangelist for NS1, another major managed DNS provider, said that the size and scale of recent attacks "has far exceeded what the industry thought was the upper end of the spectrum." "Large companies need to constantly upgrade their flood defenses. Some approaches that worked just a few years ago are now basically useless," said Kevin Curran, senior member with IEEE.We also recommend reading security reporter Brian Krebs's take on this.
The Internet

Several Sites Including Twitter, GitHub, Spotify, PayPal, NYTimes Suffering Outage -- Dyn DNS Under DDoS Attack [Update] ( 264

Several popular websites and services are down right now for many users. The affected sites include Twitter, SoundCloud, Spotify, and PayPal among others. The cause appears to be a sweeping outage of DNS provider Dyn -- which in turn is under DDoS attack, according to an official blog post. From a TechCrunch report:Other sites experiencing issues include Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Users accessing these sites might have more or less success depending on where they're located, as some European and Asian users seem not to be encountering these issues. Last month, Bruce Schneier warned that someone was learning how to take down the internet. Update: 10/21 14:41 GMT by M : Dyn says that it has resolved the issue and sites should function normally. Update: 10/21 17:04 GMT by M : Department of Homeland Security says it is aware of the first DDoS attack on Dyn today and "investigating all potential causes." Dyn says it is still under DDoS attack. News outlet The Next Web says it is also facing issues. Any website that uses Dyn's service -- directly or indirectly -- is facing the issue. Motherboard has more details. Update: 10/21 17:57 GMT by M : It seems even PlayStation Network is also hit. EA Sports Games said it is aware of the issues in live-play. Dyn says it is facing a second round of DDoS attacks.

Update: 10/21 18:45 GMT by M : U.S. government probing whether east coast internet attack was a 'criminal act' - official.

Editor's note: the story is being updated as we learn more. The front page was updated to move this story up. Are you also facing issues? Share your experience in the comments section below.

Slashdot Top Deals