Botnet

US Think Tank Wants To Regulate The Design of IoT Devices For Security Purposes (theregister.co.uk) 74

New submitter mikehusky quotes a report from The Register: Washington D.C. think tank the Institute for Critical Infrastructure Technology is calling for regulation on "negligence" in the design of internet-of-things (IoT) devices. If the world wants a bonk-detecting Wi-Fi mattress, it must be a malware-free bonk-detecting Wi-Fi mattress. The report adds: "Researchers James Scott and Drew Spaniel point out in their report Rise of the Machines: The Dyn Attack Was Just a Practice Run [PDF] that IoT represents a threat that is only beginning to be understood. The pair say the risk that regulation could stifle market-making IoT innovation (like the Wi-Fi cheater-detection mattress) is outweighed by the need to stop feeding Shodan. 'Regulation on IoT devices by the United States will influence global trends and economies in the IoT space, because every stakeholder operates in the United States, works directly with United States manufacturers, or relies on the United States economy. Nonetheless, IoT regulation will have a limited impact on reducing IoT DDoS attacks as the United States government only has limited direct influence on IoT manufacturers and because the United States is not even in the top 10 countries from which malicious IoT traffic originates.' State level regulation would be 'disastrous' to markets and consumers alike. The pair offer their report in the wake of the massive Dyn and Mirai distributed denial of service attacks in which internet of poorly-designed devices were enslaved into botnets to hammer critical internet infrastructure, telcos including TalkTalk, routers and other targets."
Transportation

Uber Is Treating Its Drivers As Sweated Labor, Says Report (theguardian.com) 403

Uber treats its drivers as Victorian-style "sweated labor", with some taking home less than the minimum wage, according to a report into its working conditions based on the testimony of dozens of drivers. From a report on The Guardian: Drivers at the taxi-hailing app company reported feeling forced to work extremely long hours, sometimes more than 70 a week, just to make a basic living, said Frank Field, the Labor MP and chair of the work and pensions committee. Field received testimony from 83 drivers who said they often took home significantly less than the "national living wage" after paying their running costs. The report says they described conditions that matched the Victorian definition of sweated labor: "when earnings were barely sufficient to sustain existence, hours of labor were such as to make lives of workers periods of ceaseless toil; and conditions were injurious to the health of workers and dangerous to the public."
AI

Magic Leap Used Fake Tech Demos and Is 'Years' Behind Schedule (ibtimes.co.uk) 110

New submitter drunkdrone writes: Magic Leap's coveted mixed reality technology has been the subject of intense speculation since it broke ground in 2014. Having secured billions of dollars in funding from some of the world's biggest tech giants, the secretive start-up has managed to stay at the centre of the VR/AR conversation despite showing little of the so-called revolutionary technology it has in the works. Now, the Magic Leap hype bubble may be about to burst in spectacularly disappointing fashion. According to reports, the Florida-based start-up is years behind on its plans and may have used deceptive product demos in order to keep interest in its tech alive. The Verge, which quotes an exclusive article from The Information, reports that Magic Leap's mixed reality technology has long since been overtaken by other products already on the market such as Microsoft's HoloLens, which Magic Leap's technology is said to most closely resemble. Allegedly, Magic Leap has struggled to scale-down a bulky piece of laser projection equipment used within the headset's display. "The crux of the problem appears to be Magic Leap's gamble on a so-called fibre scanning display, which shines a laser through a fibre optic cable that moves rapidly back and forth to draw images out of light," reports the Verge.
Earth

Earth's Day Lengthens By Two Milliseconds a Century, Astronomers Find (theguardian.com) 134

Researchers at Durham University and the UK's Nautical Almanac Office compiled nearly 3,000 years of celestial records and found that with every passing century, the day on Earth lengthens by two milliseconds as the planet's rotation gradually winds down. The Guardian reports: The split second gained since the first world war may not seem much, but the time it takes for a sunbeam to travel 600km towards Earth can cost an Olympic gold medal, as the American Tim McKee found out when he lost to Sweden's Gunnar Larsson in 1972. For those holding out for a whole extra hour a day, be prepared for a long wait. Barring any change in the rate of slowing down, an Earth day will not last 25 hours for about two million centuries more. Researchers at Durham University and the UK's Nautical Almanac Office gathered historical accounts of eclipses and other celestial events from 720BC to 2015. The oldest records came from Babylonian clay tablets written in cuneiform, with more added from ancient Greek texts, such as Ptolemy's 2nd century Almagest, and scripts from China, medieval Europe and the Arab dominions. The ancient records captured the times and places that people witnessed various stages of solar and lunar eclipses, while documents from 1600AD onwards described lunar occultations, when the moon passed in front of particular stars and blocked them from view. To find out how the Earth's rotation has varied over the 2,735-year-long period, the researchers compared the historical records with a computer model that calculated where and when people would have seen past events if Earth's spin had remained constant. The astronomers found that Earth's spin would have slowed down even more had it not been for a counteracting process. Since the end of the most recent ice age, land masses that were once buried under slabs of frozen water have been unloaded and sprung back into place. The shift caused the Earth to be less oblate -- or squished -- on its axis. 
And just as a spinning ice skater speeds up when she pulls in her arms, so the Earth spins faster when its poles are less compressed. Changes in the world's sea levels and electromagnetic forces between Earth's core and its rocky mantle had effects on Earth's spin too, according to the scientists' report in Proceedings of the Royal Society.
Transportation

Paris Makes All Public Transportation Free In Battle Against 'Worst Air Pollution For 10 Years' (independent.co.uk) 238

Paris has barred some cars from its streets and has made public transportation free as it suffers from the worst and most prolonged winter pollution for at least 10 years, the Airparif agency said on Wednesday. The Independent reports: Authorities have said only drivers with odd-numbered registration plates can drive in the capital region on Wednesday. Drivers of even-numbered cars were given the same opportunity on Tuesday, but could now be fined up to 35 EUR if they are caught behind the wheel. More than 1,700 motorists were fined for violations on Tuesday. Paris mayor Anne Hidalgo said images of smog blanketing the capital were proof of the need to reduce vehicle use in the city center. The air pollution peak is due to the combination of emissions from vehicles and from domestic wood fires as well as near windless conditions which means pollutants have not been dispersed, the Airparif agency said. "This is a record period (of pollution) for the last 10 years," Karine Leger of AirParif told AFP by telephone. For more than a week, Airparif has published readings of PM10 at more than 80 micrograms per cubic meter of air particles, triggering the pollution alert. Along with odd-numbered cars, hybrid or electric vehicles as well as those carrying three or more people will be allowed to roam the roads. Foreign and emergency vehicles will be unaffected.
Cellphones

NSA, GCHQ Have Been Intercepting In-Flight Mobile Calls For Years (reuters.com) 99

An anonymous reader quotes a report from Reuters: American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft, France's Le Monde newspaper reported on Wednesday, citing documents from former U.S. spy agency contractor Edward Snowden. According to the report, also carried by the investigative website The Intercept, Air France was targeted early on in the projects undertaken by the U.S. National Security Agency (NSA) and its British counterpart, GCHQ, after the airline conducted a test of phone communication based on the second-generation GSM standard in 2007. That test was done before the ability to use phones aboard aircraft became widespread. "What do the President of Pakistan, a cigar smuggler, an arms dealer, a counterterrorism target, and a combatting proliferation target have in common? They all used their everyday GSM phone during a flight," the reports cited one NSA document from 2010 as saying. In a separate internal document from a year earlier, the NSA reported that 100,000 people had already used their mobile phones in flight as of February 2009, a doubling in the space of two months. According to Le Monde, the NSA attributed the increase to "more planes equipped with in-flight GSM capability, less fear that a plane will crash due to making/receiving a call, not as expensive as people thought." Le Monde and The Intercept also said that, in an internal presentation in 2012, GCHQ had disclosed a program called "Southwinds," which was used to gather all the cellular activity, voice communication, data, metadata and content of calls made on board commercial aircraft.
Bug

Nintendo Offers Up To $20,000 To Hack the 3DS (silicon.co.uk) 44

Mickeycaskill writes: Nintendo will pay up to $20,000 for system and software vulnerabilities in the Nintendo 3DS family of handheld gaming consoles. The company is looking to prevent activities such as piracy, cheating and the circulation of inappropriate content to children. The stated goal is to "provide a secure environment for our customers so that they can enjoy our games and services. In order to achieve this goal, Nintendo is interested in receiving vulnerability information that researchers may discover regarding Nintendo's platforms." Silicon.co.uk reports: "Rewards will range from $100 to $20,000, with one given per 'qualifying piece of vulnerability information.' Hackers looking to claim a reward will have to provide Nintendo with either a proof-of-concept or a piece of functional exploit code in order to qualify."
Communications

Weather Channel To Breitbart: Stop Citing Us To Spread Climate Skepticism (weather.com) 575

Breitbart.com published an article last week that erroneously claims global warming is coming to an end, claiming "global land temperatures have plummeted by 1 degree Celsius since the middle of the year -- the biggest and steepest fall on record." The Weather Channel finds this report especially upsetting as it's not only inaccurate but it features a video from weather.com at the top of the article. The Weather Channel reports: Breitbart had the legal right to use this clip as part of a content-sharing agreement with another company, but there should be no assumption that The Weather Company endorses the article associated with it. The Breitbart article -- a prime example of cherry picking, or pulling a single item out of context to build a misleading case -- includes this statement: "The last three years may eventually come to be seen as the final death rattle of the global warming scare." In fact, thousands of researchers and scientific societies are in agreement that greenhouse gases produced by human activity are warming the planet's climate and will keep doing so. Along with its presence on the high-profile Breitbart site, the article drew even more attention after a link to it was retweeted by the U.S. House Committee on Science, Space, and Technology. The Breitbart article heavily references a piece that first appeared on U.K. Daily Mail's site. The Weather Channel went on to refute the Breitbart article's hypothesis: This number comes from one satellite-based estimate of temperatures above land areas in the lower atmosphere. Data from the other two groups that regularly publish satellite-based temperature estimates show smaller drops, more typical of the decline one would expect after a strong El Nino event. Temperatures over land give an incomplete picture of global-scale temperature. Most of the planet -- about 70 percent -- is covered by water, and the land surface warms and cools more quickly than the ocean. 
Land-plus-ocean data from the other two satellite groups, released after the Breitbart article, show that Earth's lower atmosphere actually set a record high in November 2016.
Music

Vinyl Records Outsold Digital Downloads In the UK Last Week (adweek.com) 188

Sales of vinyl outstripped those of downloaded music for the first time since the advent of digital downloads last week in the UK. From a report on AdWeek: The U.K.-based Entertainment Retailers Association, or ERA, said Monday that Britons spent 2.4 million pounds ($3.03 million) on the old-school wax last week while only doling out 2.1 million pounds ($2.65 million) for digital downloads. Vinyl Factory, a website dedicated to records, reported that those numbers represent a big change from the same week in 2015, when just 1.2 million pounds was spent on records compared with 4.4 million on digital downloads. That's a 100 percent year-over-year increase in vinyl sales and also the first time that vinyl album sales have bested digital downloads over a weeklong period in years, per Vinyl Factory. The surge in vinyl sales could be attributed to the popularity of vinyl as a Christmas gift and the growing number of retailers. You know it's a gift because, as BBC adds: But 48% of those surveyed said they did not play the vinyl they bought -- while 7% did not even own a turntable.
The Courts

Embedding Isn't Copyright Infringement, Says Italian Court (arstechnica.co.uk) 25

The appeal court of Rome has overturned one of the 152 website blocks another court imposed last month, and ruled that embedding does not constitute a copyright infringement. From an ArsTechnica report: The order against the Italian site Kisstube is annulled, but the other websites remain blocked. Kisstube is a YouTube channel, which also exists as a standalone website that does not host any content itself, linking instead to YouTube. Both the channel and website arrange content by categories for the convenience of users. The Italian court's decision was informed by an important ruling by the Court of Justice of the European Union (CJEU). In the BestWater case, the CJEU held that embedding or framing a video or image from another website is not copyright infringement if the latter is already accessible to the general public. However, another CJEU judgment ruled that posting hyperlinks to pirated copies of material is only legal provided it is done without knowledge that they are unauthorised versions, and it is not carried out for financial gain.
United Kingdom

For The UK's 'Snoopers' Charter', Politicians Voted Themselves An Exemption (independent.co.uk) 134

The "Snoopers' Charter" passed in the U.K. greatly expands the government's surveillance power. But before they'd enact the new Investigatory Powers Act, Britain's elected officials first voted to make themselves exempt from it. Sort of. An anonymous reader writes: While their internet browsing history will still be swept up, just like everyone else's, no one will ever be able to access it without specific approval from the Prime Minister. And according to The Independent, "That rule applies not only to members of the Westminster parliament but also politicians in the devolved assembly and members of the European Parliament."
The article adds that the exemption was the very first amendment they approved for the legislation. And for a very long time, the only amendment.
United Kingdom

UK Health Secretary Urges Social Media Companies To Block Cyberbullying And Underaged Sexting (betanews.com) 71

Mark Wilson shares his article on Beta News: Health secretary Jeremy Hunt has made calls for technology companies and social media to do more to tackle the problems of cyberbullying, online intimidation and -- rather specifically -- under-18-year-olds texting sexually explicit images. Of course, he doesn't have the slightest idea about how to go about tackling these problems, but he has expressed his concern so that, in conjunction with passing this buck to tech companies, should be enough, right?
Hunt apparently believes there's already a technology which can identify sexually explicit photos, and that social media networks should now also develop algorithms to identify and block cyberbullying, an idea the Guardian called "sadly laughable."

"Is the blanket censorship of non-approved communications for all under 18s -- something that goes far further than even the Great Firewall of China -- really the kind of thing a government minister should be able to idly suggest in 2016?"
Security

Crooks Need Just Six Seconds To Guess A Credit Card Number (independent.co.uk) 110

schwit1 quotes The Independent: Criminals can work out the card number, expiration date, and security code for a Visa debit or credit card in as little as six seconds using guesswork, researchers have found... Fraudsters use a so-called Distributed Guessing Attack to get around security features put in place to stop online fraud, and this may have been the method used in the recent Tesco Bank hack...

According to a study published in the academic journal IEEE Security & Privacy, fraudsters could use computers to systematically fire different variations of security data at hundreds of websites simultaneously. Within seconds, by a process of elimination, the criminals could verify the correct card number, expiration date and the three-digit security number on the back of the card.

One of the researchers explained this attack combines two weaknesses into one powerful attack. "Firstly, current online payment systems do not detect multiple invalid payment requests from different websites... Secondly, different websites ask for different variations in the card data fields to validate an online purchase. This means it's quite easy to build up the information and piece it together like a jigsaw puzzle."
Open Source

Devuan's Systemd-Free Linux Hits Beta 2 (theregister.co.uk) 330

Long-time Slashdot reader Billly Gates writes, "For all the systemd haters who want a modern distro feel free to rejoice. The Debian fork called Devuan is almost done, completing a daunting task of stripping systemd dependencies from Debian." From The Register: Devuan came about after some users felt [Debian] had become too desktop-friendly. The change the greybeards objected to most was the decision to replace sysvinit init with systemd, a move felt to betray core Unix principles of user choice and keeping bloat to a bare minimum. Supporters of init freedom also dispute assertions that systemd is in all ways superior to sysvinit init, arguing that Debian ignored viable alternatives like sinit, openrc, runit, s6 and shepherd. All are therefore included in Devuan.
Devuan.org now features an "init freedom" logo with the tagline, "watching your first step." Their home page now links to the download site for Devuan Jessie 1.0 Beta2, promising an OS that "avoids entanglement".
Encryption

Encryption Backdoor Sneaks Into UK Law (theregister.co.uk) 137

Coisiche found a disturbing article from The Register about the U.K.'s new "Snoopers' Charter" law that has implications for tech companies around the world: Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the U.K. government to undermine encryption and demand surveillance backdoors... As per the final wording of the law, comms providers on the receiving end of a "technical capacity notice" will be obliged to do various things on demand for government snoops -- such as disclosing details of any system upgrades and removing "electronic protection" on encrypted communications. Thus, by "technical capability," the government really means backdoors and deliberate security weaknesses so citizens' encrypted online activities can be intercepted, deciphered and monitored... At the end of the day, will the U.K. security services be able to read your email, your messages, your posts and private tweets, and your communications if they believe you pose a threat to national security? Yes, they will.
The bill added the Secretaries of State as a required signatory to the "technical capacity" notices, which "introduces a minor choke-point and a degree of accountability." But the article argues the law ultimately anticipates the breaking of encryption, and without customer notification. "The U.K. government can certainly insist that a company not based in the U.K. carry out its orders -- that situation is specifically included in the new law -- but as to whether it can realistically impose such a requirement, well, that will come down to how far those companies are willing to push back and how much they are willing to walk away from the U.K. market."
Security

The 'USB Killer' Has Been Mass Produced -- Available Online For About $50 (arstechnica.com) 243

New submitter npslider writes: The "USB Killer," a USB stick that fries almost everything that it is plugged into, has been mass produced -- available online for about $50. Ars Technica first wrote about this diabolical device that looks like a fairly humdrum memory stick a year ago. From the report: "The USB Killer is shockingly simple in its operation. As soon as you plug it in, a DC-to-DC converter starts drawing power from the host system and storing electricity in its bank of capacitors (the square-shaped components). When the capacitors reach a potential of -220V, the device dumps all of that electricity into the USB data lines, most likely frying whatever is on the other end. If the host doesn't just roll over and die, the USB stick does the charge-discharge process again and again until it sizzles. Since the USB Killer has gone on sale, it has been used to fry laptops (including an old ThinkPad and a brand new MacBook Pro), an Xbox One, the new Google Pixel phone, and some cars (infotainment units, rather than whole cars... for now). Notably, some devices fare better than others, and there's a range of possible outcomes -- the USB Killer doesn't just nuke everything completely." You can watch a video of EverythingApplePro using the USB Killer to fry a variety of electronic devices. It looks like the only real defense from the USB Killer is physically capping your ports.
AI

Stephen Hawking: Automation and AI Is Going To Decimate Middle Class Jobs (businessinsider.com) 468

An anonymous reader quotes a report from Business Insider: In a column in The Guardian, the world-famous physicist wrote that "the automation of factories has already decimated jobs in traditional manufacturing, and the rise of artificial intelligence is likely to extend this job destruction deep into the middle classes, with only the most caring, creative or supervisory roles remaining." He adds his voice to a growing chorus of experts concerned about the effects that technology will have on the workforce in the coming years and decades. The fear is that while artificial intelligence will bring radical increases in efficiency in industry, for ordinary people this will translate into unemployment and uncertainty, as their human jobs are replaced by machines. Automation "in turn will accelerate the already widening economic inequality around the world," Hawking wrote. "The internet and the platforms that it makes possible allow very small groups of individuals to make enormous profits while employing very few people. This is inevitable, it is progress, but it is also socially destructive." He frames this economic anxiety as a reason for the rise in right-wing, populist politics in the West: "We are living in a world of widening, not diminishing, financial inequality, in which many people can see not just their standard of living, but their ability to earn a living at all, disappearing. It is no wonder then that they are searching for a new deal, which Trump and Brexit might have appeared to represent." Combined with other issues -- overpopulation, climate change, disease -- we are, Hawking warns ominously, at "the most dangerous moment in the development of humanity." Humanity must come together if we are to overcome these challenges, he says.
United Kingdom

UK Homes Lose Internet Access After Cyber-Attack (theguardian.com) 33

More than 100,000 people in the UK have had their internet access cut after a string of service providers were hit by what is believed to be a coordinated cyber-attack, taking the number affected in Europe up to about a million. From a report on The Guardian, shared by reader JoshTops: TalkTalk, one of Britain's biggest service providers, the Post Office and the Hull-based KCom were all affected by the malware known as the Mirai worm, which is spread via compromised computers. The Post Office said 100,000 customers had experienced problems since the attack began on Sunday and KCom put its figure at about 10,000 customers since Saturday. Earlier this week, Germany's Deutsche Telekom said up to 900,000 of its customers had lost their internet connection as part of the same incident.
United States

US Economy Added 178,000 Jobs in November; Unemployment Rate Drops To 4.6 Percent (washingtonpost.com) 533

The U.S. economy added 178,000 jobs in November, while the unemployment rate fell to 4.6 percent from 4.9 percent the previous month, according to new government data released (Editor's note: the link could be paywalled; alternate source) Friday morning. From a report on the Washington Post: Economists surveyed by Bloomberg News had expected U.S. employers to create 180,000 new jobs last month -- roughly in line with the average number added in the first 11 months of the year. The first release after a contentious election in which the candidates disputed the health and direction of the economy, the data showed a job market that is continuing to steadily strengthen from the recession. The unemployment rate fell to levels not seen since August 2007, before a bubble in the U.S. housing market began to burst. The fall was driven partly by the creation of new jobs, and partly by people retiring and otherwise leaving the labor force. The labor force participation rate ticked down to 62.7 percent. Average hourly earnings declined by 3 cents to $25.89. The decrease pared back large gains seen in October, but over the year average hourly earnings are still up 2.5 percent, the Bureau of Labor Statistics said.
Piracy

UK ISPs To Start Sending 'Piracy Alerts' Soon (torrentfreak.com) 71

Beginning next year, internet service providers in the UK will send email notifications to subscribers whose connections have been allegedly used to download copyright infringing content. In what is an attempt to curtail piracy rates, these alerts would try to educate those who pirate about legal alternatives. TorrentFreak adds: Mimicking its American counterpart, the copyright alert program will monitor the illegal file-sharing habits of UK citizens with a strong focus on repeat infringers. The piracy alerts program is part of the larger Creative Content UK (CCUK) initiative which already introduced several anti-piracy PR campaigns, targeted at the general public as well as the classroom. The plan to send out email alerts was first announced several years ago when we discussed it in detail, but it took some time to get everything ready. This week, a spokesperson from CCUK's "Get it Right From a Genuine Site" campaign informed us that it will go live in the first few months of 2017. It's likely that ISPs and copyright holders needed to fine-tune their systems to get going, but the general purpose of the campaign remains the same.
