Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Government

FCC To Halt Rule That Protects Your Private Data From Security Breaches (arstechnica.com) 97

According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority. The privacy order's data security obligations are scheduled to take effect on March 2, but Chairman Ajit Pai wants to prevent that from happening. The data security rule requires ISPs and phone companies to take "reasonable" steps to protect customers' information -- such as Social Security numbers, financial and health information, and Web browsing data -- from theft and data breaches. The rule would be blocked even if a majority of commissioners supported keeping them in place, because the FCC's Wireline Competition Bureau can make the decision on its own. That "full commission vote on the pending petitions" could wipe out the entire privacy rulemaking, not just the data security section, in response to petitions filed by trade groups representing ISPs. That vote has not yet been scheduled. The most well-known portion of the privacy order requires ISPs to get opt-in consent from consumers before sharing Web browsing data and other private information with advertisers and other third parties. The opt-in rule is supposed to take effect December 4, 2017, unless the FCC or Congress eliminates it before then. Pai has said that ISPs shouldn't face stricter rules than online providers like Google and Facebook, which are regulated separately by the Federal Trade Commission. Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards. According to today's FCC statement, the data security rule "is not consistent with the FTC's privacy standards."
Android

Google Renames Messenger To Android Messages as the Company Pushes RCS (betanews.com) 87

We have come a long way from the age of flip phones and nine-key texting. Even as if group messaging and instant messengers took over, the SMS has largely retained its core standard over the years. Google wants to change that, and for this, it has been working with hundreds of carriers and manufacturers around the world to bring the text message into the 21st century. Using a standard called Rich Communications Services, the group plans to make a texting app that comes with your phone and is every bit as powerful as those dedicated messaging apps. This would make all the best features available to everyone with an Android phone. From a report on BetaNews: Just last week we were talking about Google's championing of RCS (Rich Communication Services), the successor to SMS. Now the company has renamed its Messenger app to Android Messages as it aims to become not just the default SMS app, but the default RCS app for Android users. Part of the reason for the name change is to convey the idea that the app is now about more than just one type of message. Google is betting big on RCS and this is hinted at in the app update description which says it adds "Simpler sign-up for enhanced features on supported carriers."
Google

With No Fair Use, It's More Difficult to Innovate, Says Google (torrentfreak.com) 59

Unlike the United States where 'fair use' exemptions are entrenched in law, Australia has only a limited "fair dealing" arrangement. This led head of copyright at Google to conclude that Australia wouldn't be a safe place for his company to store certain data, a clear hindrance to innovation and productivity. From a report on TorrentFreak: The legal freedom offered by fair use is a cornerstone of criticism, research, teaching and news reporting, one that enables the activities of thousands of good causes and enriches the minds of millions. However, not all countries fully embrace the concept. Perhaps surprisingly, Australia is currently behind the times on this front, a point not lost on Google's Senior Copyright Counsel, William Patry. Speaking with The Australian, Patry describes local copyright law as both arcane and not fit for purpose, while acting as a hindrance to innovation and productivity. "We think Australians are just as innovative as Americans, but the laws are different. And those laws dictate that commercially we act in a different way," Patry told the publication. "Our search function, which is the basis of the entire company, is authorized in the US by fair use. You don't have anything like that here." Australia currently employs a more restrictive "fair dealing" approach, but itâ(TM)s certainly possible that fair use could be introduced in the near future.
Apple

Treasure Trove of Internal Apple Memos Discovered in Thrift Store (gizmodo.com) 28

An anonymous reader shares a Gizmodo report: Peeking inside a book bin at a Seattle Goodwill, Redditor vadermeer caught an interesting, unexpected glimpse into the early days of Apple: a cache of internal memos, progress reports, and legal pad scribbles from 1979 and 1980, just three years into the tech monolith's company history. The documents at one point belonged to Jack MacDonald -- then the manager of systems software for the Apple II and III (in these documents referred to by its code name SARA). The papers pertain to implementation of Software Security from Apple's Friends and Enemies (SSAFE), an early anti-piracy measure. Not much about MacDonald exists online, and the presence of his files in a thrift store suggests he may have passed away, though many of the people included in these documents have gone on to long and lucrative careers. The project manager on SSAFE for example, Randy Wigginton, was Apple's sixth employee and has since worked for eBay, Paypal, and (somewhat tumultuously) Google. Apple co-founder Steve Wozniak also features heavily in the implementation of these security measures.
Google

Alphabet's Waymo Sues Uber For Allegedly Stealing Self-Driving Secrets (bloomberg.com) 62

An anonymous reader quotes a report from Bloomberg: It took Alphabet Inc.'s Waymo seven years to design and build a laser-scanning system to guide its self-driving cars. Uber Technologies Inc. allegedly did it in nine months. Waymo claims in a lawsuit filed Thursday that was possible because a former employee stole the designs and technology and started a new company. Waymo accuses several employees of Otto, a self-driving startup Uber acquired in August for $680 million, of lifting technical information from Google's autonomous car project. The "calculated theft" of Alphabet's technology earned Otto's employees more than $500 million, according to the complaint in San Francisco federal court. The claims in Thursday's case include unfair competition, patent infringement and trade secret misappropriation. Waymo was inadvertently copied on an e-mail from one of its vendors, which had an attachment showing an Uber lidar circuit board that had a "striking resemblance" to Waymo's design, according to the complaint. Anthony Levandowski, a former manager at Waymo, in December 2015 downloaded more than 14,000 proprietary and confidential files, including the lidar circuit board designs, according to the complaint. He also allegedly created a domain name for his new company and confided in some of his Waymo colleagues of plans to "replicate" its technology for a competitor. Levandowski left Waymo in January 2016 and went on in May to form Otto LLC, which planned to develop hardware and software for autonomous vehicles.
Bug

Cloudflare Leaks Sensitive User Data Across the Web (theregister.co.uk) 80

ShaunC writes: In a bug that's been christened "Cloudbleed," Cloudflare disclosed today that some of their products accidentally exposed private user information from a number of websites. Similar to 2014's Heartbleed, Cloudflare's problem involved a buffer overrun that allowed uninitialized memory contents to leak into normal web traffic. Tavis Ormandy, of Google's Project Zero, discovered the flaw last week. Affected sites include Uber, Fitbit, and OK Cupid, as well as unnamed services for hotel booking and password management. Cloudflare says the bug has been fixed, and Google has purged affected pages from its search index and cache. Further reading: The Register, Ars Technica
Iphone

Cellebrite Can Now Unlock Apple iPhone 6, 6 Plus (cyberscoop.com) 103

Patrick O'Neill writes: A year after the battle between the FBI and Apple over unlocking an iPhone 5c used by a shooter in the San Bernardino terrorist attack, smartphone cracking company Cellebrite announced it can now unlock the iPhone 6 and 6 Plus for customers at rates ranging from $1,500 to $250,000. The company's newest products also extract and analyze data from a wide range of popular apps including all of the most popular secure messengers around. From the Cyberscoop report: "Cellebrite's ability to break into the iPhone 6 and 6 Plus comes in their latest line of product releases. The newest Cellebrite product, UFED 6.0, boasts dozens of new and improved features including the ability to extract data from 51 Samsung Android devices including the Galaxy S7 and Galaxy S7 Edge, the latest flagship models for Android's most popular brand, as well as the new high-end Google Pixel Android devices."
Piracy

Google Says Almost Every Recent 'Trusted' DMCA Notices Were Bogus (torrentfreak.com) 81

Reader AmiMoJo writes: In comments submitted to a U.S. Copyright Office consultation, Google has given the DMCA a vote of support, despite widespread abuse. Noting that the law allows for innovation and agreements with content creators, Google says that 99.95% of URLs it was asked to take down last month didn't even exist in its search indexes. "For example, in January 2017, the most prolific submitter submitted notices that Google honored for 16,457,433 URLs. But on further inspection, 16,450,129 (99.97%) of those URLs were not in our search index in the first place."
Google

Google Has Demonstrated a Successful Practical Attack Against SHA-1 (googleblog.com) 131

Reader Artem Tashkinov writes: Ten years after of SHA-1 was first introduced, Google has announced the first practical technique for generating an SHA-1 collision. It required two years of research between the CWI Institute in Amsterdam and Google. As a proof of the attack, Google has released two PDF files that have identical SHA-1 hashes but different content. The amount of computations required to carry out the attack is staggering: nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total which took 6,500 years of CPU computation to complete the attack first phase and 110 years of GPU computation to complete the second phase.

Google says that people should migrate to newer hashing algorithms like SHA-256 and SHA-3, however it's worth noting that there are currently no ways of finding a collision for both MD5 and SHA-1 hashes simultaneously which means that we still can use old proven hardware accelerated hash functions to be on the safe side.

Facebook

'Social Media Needs A Travel Mode' (idlewords.com) 143

Maciej CegÅowski, a Polish-American web developer, entrepreneur, and social critic, writes on a blog post: We need a 'trip mode' for social media sites that reduces our contact list and history to a minimal subset of what the site normally offers. Not only would such a feature protect people forced to give their passwords at the border, but it would mitigate the many additional threats to privacy they face when they use their social media accounts away from home. Both Facebook and Google make lofty claims about user safety, but they've done little to show they take the darkening political climate around the world seriously. A 'trip mode' would be a chance for them to demonstrate their commitment to user safety beyond press releases and anodyne letters of support. What's required is a small amount of engineering, a good marketing effort, and the conviction that any company that makes its fortune hoarding user data has a moral responsibility to protect its users. To work effectively, a trip mode feature would need to be easy to turn on, configurable (so you can choose how long you want the protection turned on for) and irrevocable for an amount of time chosen by the user once it's set. There's no sense in having a 'trip mode' if the person demanding your password can simply switch it off, or coerce you into switching it off.
Google

Google Releases an AI Tool For Publishers To Spot and Weed Out Toxic Comments (bbc.com) 191

Google today launched a new technology to help news organizations and online platforms identify and swiftly remove abusive comments on their websites. The technology, called Perspective, will review comments and score them based on how similar they are to comments people said were "toxic" or likely to make them leave a conversation. From a report on BBC: The search giant has developed something called Perspective, which it describes as a technology that uses machine learning to identify problematic comments. The software has been developed by Jigsaw, a division of Google with a mission to tackle online security dangers such as extremism and cyberbullying. The system learns by seeing how thousands of online conversations have been moderated and then scores new comments by assessing how "toxic" they are and whether similar language had led other people to leave conversations. What it's doing is trying to improve the quality of debate and make sure people aren't put off from joining in.
Google

Google Releases Open Source File Sharing Project 'Upspin' On GitHub (betanews.com) 57

BrianFagioli quotes a report from BetaNews: Today, Google unveiled yet another way to share files. Called "Upspin," the open source project aims to make sharing easier for home users. With that said, the project does not seem particularly easy to set up or maintain. For example, it uses Unix-like directories and email addresses for permissions. While it may make sense to Google engineers, I am dubious that it will ever be widely used. "Upspin looks a bit like a global file system, but its real contribution is a set of interfaces, protocols, and components from which an information management system can be built, with properties such as security and access control suited to a modern, networked world. Upspin is not an "app" or a web service, but rather a suite of software components, intended to run in the network and on devices connected to it, that together provide a secure, modern information storage and sharing network," says Google. The search giant adds: "Upsin is a layer of infrastructure that other software and services can build on to facilitate secure access and sharing. This is an open source contribution, not a Google product. We have not yet integrated with the Key Transparency server, though we expect to eventually, and for now use a similar technique of securely publishing all key updates. File storage is inherently an archival medium without forward secrecy; loss of the user's encryption keys implies loss of content, though we do provide for key rotation."
Cellphones

Cellphones As a Fifth-Order Elaboration of Maxwell's Theory (ieee.org) 128

schwit1 shares a report from IEEE Spectrum that reflects on the "Stages of Electronics" based on James Clerk Maxwell's theory: Now that the world has become addicted to portable electronics, billions of people have come to see the companies providing these gadgets as the most innovative, and the people who head those companies as the most exalted, of all time. "Genius" is a starter category in this discussion. But clever and appealing though today's electronic gadgets may be, to the historian they are nothing but the inevitable fifth-order elaborations of two fundamental ideas: electromagnetic radiation, the theory of which was formulated by James Clerk Maxwell in the 1860s, and miniaturized fabrication, which followed Richard Feynman's 1959 dictum [PDF] that "there's plenty of room at the bottom." Maxwell was a true genius. The history of science offers few examples of work as brilliant as unifying electricity, magnetism, and light as aspects of a single phenomenon: electromagnetic waves. As Max Planck put it, "in doing so he achieved greatness unequalled."

Vaclav Smil writes via IEEE: "As I pass the zombielike figures on the street, oblivious to anything but their cellphone screens, I wonder how many of them know that the most fundamental advances enabling their addictions came not from Nokia, Apple, Google, Samsung, or LG. These companies' innovations are certainly admirable, but they amount only to adding a few fancy upper floors to a magnificent edifice whose foundations were laid by Maxwell 152 years ago and whose structure depends on decades-old advances that made it possible to build electronics devices ever smaller."

Businesses

The Death of the Click (axios.com) 129

Sara Fischer, writing for Axios: For the past 10 years, we've operated on the premise that the most important digital metric is the click that refers a person to a website. That click usually comes from a social distribution channel, like Facebook or Twitter, or a search engine, like Google or Bing. But according to industry experts, the click referral is becoming an idea of the past, soon to be replaced by content exposure. [...] Most publishers have designed their websites to measure user interaction through clicks, not scroll rates or time spent on stories. As the industry moves away from click-through rates (CTR's) as the most meaningful marketing metric, those publishers will have a difficult time justifying the effectiveness of their platforms for marketers.
Piracy

Google and Microsoft To Crackdown On Piracy Sites In Search Results (telegraph.co.uk) 103

Google and Microsoft pledged on Monday to crack down on sites hosting pirated content that show up on their search engines. In what is being called a first of its kind agreement, Google and Microsoft's Bing will demote U.K. search results of copyright infringing websites. From a report on The Telegraph: The search engine operators have signed up to a clampdown that will see the UK's copyright watchdog monitor the search results they provide for unlawful websites. The agreement follows years of campaigning by record labels and film studios, which have accused Google and Microsoft of turning a blind eye to piracy and dragging their feet over measures to protect copyright online. Under a new voluntary code, the tech giants have committed to demote websites that have repeatedly been served with copyright infringement notices, so that they do not appear on the first page for common searches.
Bug

Google Discloses An Unpatched Windows Bug (Again) (bleepingcomputer.com) 121

An anonymous reader writes: "For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement," reports BleepingComputer. "The bug in question affects the Windows GDI (Graphics Device Interface) (gdi32.dll)..." According to Google, the issue allows an attacker to read the content of the user's memory using malicious EMF files. The bad news is that the EMF file can be hidden in other documents, such as DOCX, and can be exploited via Office, IE, or Office Online, among many.

"According to a bug report filed by Google's Project Zero team, the bug was initially part of a larger collection of issues discovered in March 2016, and fixed in June 2016, via Microsoft's security bulletin MS16-074. Mateusz Jurczyk, the Google engineer who found the first bugs, says the MS16-074 patches were insufficient, and some of the issues he reported continued to remain vulnerable." He later resubmitted the bugs in November 2016. The 90-days deadline for fixing the bugs expired last week, and the Google researcher disclosed the bug to the public after Microsoft delayed February's security updates to next month's Patch Tuesday, for March 15.

Microsoft has described Google's announcements of unpatched Windows bugs as "disappointing".
Communications

Alaska Gets 'Artificial Aurora' As HAARP Antenna Array Listens Again (hackaday.com) 69

Freshly Exhumed quotes Hackaday: The famous HAARP antenna array is to be brought back into service for experiments by the University of Alaska. Built in the 1990s for the US Air Force's High Frequency Active Auroral Research Program, the array is a 40-acre site containing a phased array of 180 high-frequency antennas and their associated high-power transmitters. Its purpose is to conduct research on charged particles in the upper atmosphere, but that hasn't stopped an array of bizarre conspiracy theories.
A university space physics researcher will actually create an artificial aurora starting Sunday (and continuing through Wednesday) to study how yjr atmosphere affects satellite-to-ground communications, and "observers throughout Alaska will have an opportunity to photograph the phenomenon," according to the University. "Under the right conditions, people can also listen to HAARP radio transmissions from virtually anywhere in the world using an inexpensive shortwave radio."
Cellphones

Should International Travelers Leave Their Phones At Home? (freecodecamp.com) 511

Long-time Slashdot reader Toe, The sums up what he learned from freeCodeCamp's Quincy Larson: "Before you travel internationally, wipe your phone or bring/rent/buy a clean one." Larson's article is titled "I'll never bring my phone on an international flight again. Neither should you." All the security in the world can't save you if someone has physical possession of your phone or laptop, and can intimidate you into giving up your password... Companies like Elcomsoft make 'forensic software' that can suck down all your photos, contacts -- even passwords for your email and social media accounts -- in a matter of minutes.... If we do nothing to resist, pretty soon everyone will have to unlock their phone and hand it over to a customs agent while they're getting their passport swiped... And with this single new procedure, all the hard work that Apple and Google have invested in encrypting the data on your phone -- and fighting for your privacy in court -- will be a completely moot point.
The article warns Americans that their constitutional protections don't apply because "the U.S. border isn't technically the U.S.," calling it "a sort of legal no-man's-land. You have very few rights there." Larson points out this also affects Canadians, but argues that "You can't hand over a device that you don't have."
Google

YouTube Will Kill Unskippable 30-Second Ads Next Year (theverge.com) 159

YouTube is planning to do away with the non-skippable 30-second ads that appear before a YouTube video. From a report: In a statement first given to Campaign then confirmed by The Verge, a Google spokesperson said the company will focus on commercial formats that are more engaging for both advertisers and viewers. "We're committed to providing a better ads experience for users online. As part of that, we've decided to stop supporting 30-second unskippable ads as of 2018 and focus instead on formats that work well for both users and advertisers," Google said.
Google

Breakthrough in Alphabet's Balloon-Based Internet Project Means It Might Actually Wor (recode.net) 82

Loon, the balloon project that aims to deliver internet to parts of the world that lack reliable connectivity, announced this week that due to advancements in the machine learning software, it can now deploy fewer balloons to provide greater connectivity. From a report on Recode: The Loon balloon project is part of X, the experimental division of Alphabet, Google's parent company. Now in its fourth year, the engineers at Loon say their new machine learning techniques significantly shorten their timeline for launching the project. Initially, engineers proposed that the Loon balloons would float around the globe and that they would have to find a way to keep the balloons a safe traveling distance apart and replace a balloon that drifted from an area that needed connectivity. Now, the team says they've found a way to keep the balloons in a much more concentrated location, thanks to their improved altitude control and navigation system. Loon says that balloons will now make small loops over a land mass, instead of circumnavigating the whole planet.

Slashdot Top Deals