Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
NES (Games)

Doyodo RetroEngine Sigma Is a Linux-Powered Classic Video Game Emulation Console (betanews.com) 91

BrianFagioli quotes a report from BetaNews: The Nintendo NES Classic is quite an amazing console. True, it is not as powerful as modern game systems like Xbox One and PlayStation 4, but it comes pre-loaded with many classic NES titles. Unfortunately, its strength is also its weakness -- those pre-loaded titles are the only games you can play. You cannot load other games, so you are stuck with what you got. As an alternative, some folks use software emulation and ROMs on their computers to play countless video game titles. Of course, there are moral concerns here, as you are often downloading the games illegally -- unless you own the physical copy, that is. Even then, it is a gray area. Today, a company called Doyodo launched a new Linux-powered emulation console on Indiegogo. The device not only plays NES games, but Atari, Game Boy, PlayStation 1, Genesis, and more. You play using USB controllers. In addition, it can serve as a media player (with Kodi) or a full-fledged Linux desktop. Some other features include 4K video playback, Wi-Fi networking built in, and a compact and portable design. There's even a deluxe version that ships with Bluetooth, an extra controller and 32GB of storage; the basic configuration includes just one controller and 16GB of storage. You can view the Indiegogo page here.
HP

HP Shutting Down Default FTP, Telnet Access To Network Printers (pcworld.com) 83

Security experts consider the aging FTP and Telnet protocols unsafe, and HP has decided to clamp down on access to networked printers through the remote-access tools. From a report on PCWorld: Some of HP's new business printers will, by default, be closed to remote access via protocols like FTP and Telnet. However, customers can activate remote printing access through those protocols if needed. "HP has started the process of closing older, less-maintained interfaces including ports, protocols and cipher suites" identified by the U.S. National Institute of Standards and Technology as less than secure, the company said in a statement. In addition, HP also announced firmware updates to existing business printers with improved password and encryption settings, so hackers can't easily break into the devices.
United States

Sysadmin Gets Two Years In Prison For Sabotaging ISP (bleepingcomputer.com) 132

After being let go over a series of "personal issues" with his employer, things got worse for 26-year-old network administrator Dariusz J. Prugar, who will now have to spend two years in prison for hacking the ISP where he'd worked. An anonymous reader writes: Prugar had used his old credentials to log into the ISP's network and "take back" some of the scripts and software he wrote... "Seeking to hide his tracks, Prugar used an automated script that deleted various logs," reports Bleeping Computer. "As a side effect of removing some of these files, the ISP's systems crashed, affecting over 500 businesses and over 5,000 residential customers."

When the former ISP couldn't fix the issue, they asked Prugar to help. "During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left." This tipped off the company, who detected foul play, contacted the FBI and rebuilt its entire network.

Six years later, Prugar was found guilty after a one-week jury trial, and was ordered by the judge to pay $26,000 in restitution to the ISP (which went out of business in October of 2015). Prugar's two-year prison sentence begins December 27.
Twitter

Reuters Built An Algorithm That Can Identify Real News On Twitter (popsci.com) 121

Reuters has built an algorithm called News Tracer that flags and verifies breaking news on Twitter. The algorithm weeds through all 500 million tweets that are posted on a daily basis to "sort real news from spam, nonsense, ads, and noise," writes Corinne Iozzio via Popular Science: In development since 2014, reports the Columbia Journalism Review, News Tracer's work starts by identifying clusters of tweets that are topically similar. Politics goes with politics; sports with sports; and so on. The system then uses language-processing to produce a coherent summary of each cluster. What differentiates News Tracer from other popular monitoring tools, is that it was built to think like a reporter. That virtual mindset takes 40 factors into account, according to Harvard's NiemanLab. It uses information like the location and status of the original poster (e.g. is she verified?) and how the news is spreading to establish a "credibility" rating for the news item in question. The system also does a kind of cross-check against sources that reporters have identified as reliable, and uses that initial network to identify other potentially reliable sources. News Tracer can also tell the difference between a trending hashtag and real news. The mix of data points News Tracer takes into account means it works best with actual, physical events -- crashes, protests, bombings -- as opposed to the he-said-she-said that can dominate news cycles.
Censorship

China Is Censoring People's Chats Without Them Even Knowing About It (qz.com) 76

An anonymous reader quotes a report from Quartz: A new study from The Citizen Lab, a research group at the University of Toronto, reveals that censorship on WeChat occurs primarily in group chats rather than one-on-one chats between two people, and often in such a way where the sender of a text isn't even aware a piece of text has been scrubbed. The discoveries illuminates how China's government attempts to keep its citizens blind to the scope of its censorship regime. The researchers set out find the extent to which certain keywords got scrubbed from conversations between two or more users in WeChat. To do this, in June 2016 the team posed as a Chinese WeChat user and sent out 26,821 keywords containing terms that had been censored on other apps, including Tom-Skype (a made-for-China version of Skype) and YY (a live broadcast app). A corresponding Canadian user in the two-way chat would then report back to say whether or not the message had been received. The report states that out of the entire sample, only one term -- Falun Gong -- had been scrubbed. When they ran an identical test in August, even that text mysteriously passed without censorship. Yet when they tested group chats, they found multiple cases in which certain keywords triggered a removal. Specifically, while sensitive terms used in isolation were unlikely to trigger censorship (say "June 4th," a reference to the Tiananmen Square protests, brutally put down on June 4, 1989), it took effect when they were used in a full sentence or with other keywords. The researchers also discovered that when WeChat censored a message, the sender received no notice informing him that his text had not reached the intended recipient. The study also notes that "WeChat only censors content for users who bind their account to a mainland Chinese phone number when they first register to use the app." The censorship is still applied even if Chinese residents move to different countries or change phone numbers.
Communications

Reddit To Crack Down On Abuse By Punishing Hundreds of 'Toxic Users' (reuters.com) 229

An anonymous reader quotes a report from Reuters: Social media website Reddit, known for its commitment to free speech, will crack down on online harassment by banning or suspending users who target others, starting with those who have directed abuse at Chief Executive Steve Huffman. Huffman said in an interview with Reuters that Reddit's content policy prohibits harassment, but that it had not been adequately enforced. "Personal message harassment is the most cut and dry," he said. "Right now we are in an interesting position where my inbox is full of them, it's easy to start with me." As well as combing through Huffman's inbox, Reddit will monitor user reports, add greater filtering capacity, and take a more proactive role in policing its platform rather than relying on community moderators. Reddit said it had identified hundreds of the "most toxic users" and will warn, ban or suspend them. It also plans to increase staff on its "trust and safety" team. On Reddit, a channel supporting the U.S. Republican party's presidential candidate Donald Trump, called r/The_Donald, featured racist and misogynistic comments, fake news and conspiracy theories about his Democratic challenger Hillary Clinton, along with more mainstream expressions of support for Trump. Many of those supporting Trump were very active, voting up the r/The_Donald conversations so that they became prominent across Reddit, which is the 7th-most-visited U.S. internet site, according to web data firm Alexa. Last week, Reddit banned Pizzagate, a community devoted to a conspiracy theory, with no evidence to back it up, that links Clinton to a pedophile ring at a Washington, D.C. pizza parlor, after it posted personal information in violation of Reddit policy. Huffman then used his administrative privileges to redirect abuse he was receiving on a thread on r/The_Donald to the community's moderators -- making it look as if it was intended for them. Huffman said it was a prank, and that many Reddit users, including some Trump supporters, told him they thought it was funny, but it inflamed the situation.
EU

EU's Law Enforcement Agency Closes 4,500 Websites Peddling Fake Brands (phys.org) 72

An anonymous reader quotes a report from Phys.Org: In a massive crackdown, police and law enforcement agencies across Europe have seized more than 4,500 website domains trading in counterfeit goods, often via social networks, officials said on Monday. The operation came as Europol, Europe's police agency, unveiled its newest campaign dubbed "Don't F***(AKE) Up" to stop scam websites selling fake brand names online. In the crackdown, agencies from 27 countries mostly in Europe but including from the U.S. and Canada, joined forces to shut down over 4,500 websites. They were selling everything from "luxury goods, sportswear, spare parts, electronics, pharmaceuticals, toiletries and other fake products," Europol said in a statement, without saying how long the crackdown took. An annual operation run in collaboration with the U.S. Immigration and Customs Enforcement and Homeland Security, there was "a significant increase in the number of seized domain names compared to last year," said Europol director Rob Wainwright. As part of the crackdown, Dutch anti-fraud police arrested 12 people across The Netherlands over the past two weeks as they searched homes and warehouses. Most of the raids were prompted by online sales of counterfeit goods on social networking sites such as Facebook and Instagram. More than 3,500 items of clothing and fake luxury goods were seized in Holland, including shoes, bags and perfumes purporting to be such brands as Nike, Adidas, and Kenzo, with a market value of tens of thousands euros. Publishing a guide on how to spot fake websites and social media scams, Europol warned consumers had to be on their guard.
Botnet

You Can Now Rent A Mirai Botnet Of 400,000 Bots (bleepingcomputer.com) 62

An anonymous reader writes: Two hackers are renting access to a massive Mirai botnet, which they claim has more than 400,000 infected bots, ready to carry out DDoS attacks at anyone's behest. The hackers have quite a reputation on the hacking underground and have previously been linked to the GovRAT malware, which was used to steal data from several US companies. Renting around 50,000 bots costs between $3,000-$4,000 for 2 weeks, meaning renting the whole thing costs between $20,000-$30,000.

After the Mirai source code leaked, there are countless smaller Mirai botnets around, but this one is [believed to be the one] accounting for more than half of all infected IoT devices...that supposedly shut down Internet access in Liberia. The original Mirai botnet was limited to only 200,000 bots because there were only 200,000 IoT devices connected online that had their Telnet ports open. The botnet that's up for rent now has received improvements and can also spread to IoT devices via SSH, hence the 400,000 bots total.

Interestingly, the article claims the botnet's creators had access \to the Mirai source code "long before it went public."
Social Networks

Facebook's Latest Experiment: Helping You Find Free Wi-Fi Hotspots (macworld.com) 32

Users of the social network's iOS app report seeing a new feature in the More section that lets them find nearby public Wi-Fi access points. From a MacWorld story: The feature does not appear to be widely available at the moment, which means this is probably something Facebook is only testing. The social network tests numerous features all the time but this one is particularly notable. Helping users find public Wi-Fi could enable more people to use Facebook Live. If your cellular connection isn't strong, a nearby Wi-Fi location can be a big help -- unless, of course, your Facebook Live broadcast is dependent on your specific location. There could be other uses for finding Wi-Fi beyond live video broadcasts. If you're desperate to upload a photo or recorded video, then locating the closest public Wi-Fi point helps. On top of that it's just one more reason to open the Facebook app, which Facebook obviously wants to encourage as much as possible. Check where the nearest Wi-Fi hotspot is, see that unread notifications indicator at the top of the screen, and before you know it you're engrossed in the news feed.
The Internet

Microsoft Partners With D-Link To Deliver Speedier Wi-Fi in Rural Regions (zdnet.com) 41

Microsoft has partnered with networking equipment manufacturer D-Link to deliver speedier Wi-Fi to rural communities around the world. From a report on ZDNet:Dubbed "Super Wi-Fi", the wireless infrastructure is set to be based on the 802.11af protocol, and will take advantage of unused bandwidth in the lower-frequency white spaces between television channel frequencies where signals travel further than at higher frequencies. A pilot of the first phase is commencing in an unnamed American state, with trials also slated to run in three other countries. "D-Link sees ourselves at the very heart of this kind of technical innovation and development. We also acknowledge that we have a role to play in helping all countries and future generations better connect," said Sydney-based D-Link managing director for ANZ Graeme Reardon. "Our goal is to use all of our 30 years' experience and expertise and our global footprint to help deliver Super Wi-Fi as a technological platform for growth to the world's underdeveloped regions."
Networking

Ask Slashdot: Could A 'Smart Firewall' Protect IoT Devices? 230

To protect our home networks from IoT cracking, Ceaus wants to see a smart firewall: It's a small box (the size of a Raspberry Pi) with two ethernet ports you put in front of your ISP router. This firewall is capable of detecting your IoT devices and blocking their access to the internet, only and exclusively allowing traffic for the associated mobile app (if there is one). All other outgoing IoT traffic is blocked... Once you've plugged in your new IoT toaster, you press the "Scan" button on the firewall and it does the rest for you.
This would also block "snooping" from outside your home network, and of course, keep your devices off botnets. The original submission asks "Does such a firewall exist? Is this a possible Kickstarter project?" So leave your best answers in the comments. Could a smart firewall protect IoT devices?
Communications

When a City Has Gigabit Internet, Prices For Slower Speed Tiers Drop: Study (arstechnica.com) 42

A new industry-funded research study, titled "Broadband competition helps to lower prices and faster download speeds for U.S. residential consumers," analyzed DSL, cable, and fiber broadband plans from the 100 largest designated market areas in the U.S. and found that when a city has gigabit internet speeds, the price of plans with slower speeds drop. Therefore, customers who don't purchase gigabit internet plans will still benefit from their availability. Ars Technica highlights the key findings of the study in their report: -The presence of gigabit service in a market is associated with a $27 decrease in the average monthly price of broadband plans with speeds of 100Mbps or greater but less than 1Gbps. That's a 25 percent price reduction.
-Markets with gigabit Internet also see smaller price decreases for plans as slow as 25Mbps. The presence of gigabit Internet has no significant effect on prices of plans with speeds below 25Mbps. This isn't that surprising since the slowest plans are already the cheapest and aren't suitable substitutes for gigabit speeds.
-Gigabit prices decline when at least two providers offer gigabit service. "If a DMA moves from having one to two providers of gigabit Internet, we estimate that the standard monthly price for gigabit Internet will decline by approximately $57 to $62, which is equal to a reduction in price of between 34 and 37 percent," the study said. Going from one to three gigabit competitors would reduce prices by an estimated $98.11 to $106.50 per month.
-Competition at any speed reduces prices. "An increase of one competitor is associated with approximately a $1.50 decline in the monthly standard broadband price for Internet plans with speeds ranging from 50Mbps to less than 1Gbps," the study said. For plans with download speeds of less than 25Mbps, the decrease in average monthly price is $0.42 for each competitor.
-Availability of fast speeds increases the likelihood that other ISPs will introduce their own higher-speed plans to match competitors. "In particular, we find that each additional competitor offering broadband in a higher speed category will increase the probability that other broadband providers in the market will offer broadband at those higher speeds by 4 to 17 percent on an annual basis," the study said.
-Average monthly prices for each speed category are as follows: $52.60 for speeds less than 25Mbps; $74.05 for plans from 25Mbps to 99Mbps; $108.52 for plans of least 100Mbps but less than 1Gbps; and $165.63 for speeds of at least 1Gbps.

Social Networks

LinkedIn-Russia: US Says Concerned Over Decision to Block Professional Networking Site (ndtv.com) 95

The US government said on Friday it was deeply concerned over Russia's decision to block public access to networking site LinkedIn, saying it created a precedent that could be used to justify blocking other sites operating in Russia. From a report: LinkedIn, which has its headquarters in the United States, is the first major social network to be blocked under a new law that requires firms holding Russian citizens' data to store it on servers on Russian soil. Internet services analysts say other tech firms, including Facebook and Twitter, could also find access blocked unless they move data onto Russian-based servers. Maria Olson, spokeswoman at the US Embassy in Moscow, said Washington urged the Russian authorities to restore access immediately to LinkedIn, and said the restrictions harmed competition and the Russian people. "The United States is deeply concerned by Russia's decision to block access to the website LinkedIn," Olson said in a statement sent to Reuters. "This decision is the first of its kind and sets a troubling precedent that could be used to justify shutting down any website that contains Russian user data."
Chrome

New Chrome Extension Automatically Negotiates With Comcast For Rate Discounts (fiercecable.com) 62

A technology company called Trim aims to take away the stress and displeasure associated with talking to Comcast service representatives. They have created a bot via a Google Chrome extension that negotiates with Comcast reps over the internet, seeking discounts for various services offered by the cable giant. FierceCable reports: Trim is marketing the tool in this somewhat hilarious YouTube video, which shows the subscriber, "Brian Roberts," typing his Comcast customer information (name, phone number, email, etc.) into the application. The bot takes it from there, initiating chat with a Comcast "analyst" named "Sukhwinder."

"Hi. I'm trying to lower my bill," the bot says. "I don't want to upgrade anything or change my plan at all. I just want to get the best possible rate for my area. Can you help?" As the video shows, users can engage in one of four classic video games as the chat slowly runs its course. (The Trim developers in the video choose Pong.) The bot has two settings: "autopilot," which lets you sit back and watch it negotiate for you; and manual, which lets you step in.

Microsoft

LinkedIn Blocked By Russian Government (pcworld.com) 68

LinkedIn's network just got a little smaller: Russia's communications regulator ordered ISPs to block access to the business networking company on Thursday. From a report on PCWorld: Roskomnadzor made the order after a Moscow appeal court last week upheld an earlier ruling that LinkedIn breached Russian privacy laws. Tagansky district court ruled against LinkedIn on Aug. 4, following a complaint from the Russian federal service for the supervision of communications, information technology and mass media that its activities breached a law requiring businesses handling Russians' personal data to process that data in Russia. Roskomnadzor said it filed suit after LinkedIn failed to respond to two requests for information about its plans for relocating the data to Russia. LinkedIn isn't the only U.S. company that has been targeted under the legislation.
Piracy

Police Raid Pirate Site, Seize 60 Servers Following MPAA Complaint (torrentfreak.com) 60

An anonymous reader quotes a report from TorrentFreak: When it comes to shutting down pirate sites, few groups have a longer history than the Motion Picture Association of America. The Hollywood organization has dozens of pirate scalps under its belt and today is able to claim another. Serving more than a million users every day, FS.to was one of Ukraine's largest pirate sites. Ranked the country's 21st most popular site overall, the movie-focused platform attracted the attention of the MPAA and local rights holders alike. That has resulted in one of the biggest raids ever seen in the country. According to the cyber crime division of Ukraine's national police, an operation shut down the platform Monday following a complaint from Hollywood. The authorities say that 19 people suspected of running the site via a network of local and offshore companies were arrested. The operation to shut the site appears to have been significant. Raids took place at the offices and homes of the suspects, plus datacenters where equipment running the site was installed. Thus far around 60 servers have been seized from a range of local ISPs but the operation is still ongoing so the tally could increase. Local sources indicate that the authorities have linked local Internet company Ferazko Holding Inc. with FS since it owns several of the site's domains including FS.to, BRB.to and FS.ua.
Social Networks

Facebook Finds More Ad-Metric Errors, Vows Clarity About Fixes (bloomberg.com) 11

Facebook said today it has uncovered more miscalculated metrics related to how consumers interact with content from publishers. From an article on Bloomberg, submitted by an anonymous reader: The social-networking company conducted a broad review after discovering three months ago that it had overstated how long people watched videos on its site. The miscalculation wasn't broadly disclosed, sparking some criticism of the social network. Now, Facebook says it has found four other instances where it miscalculated reach on its site, including overstating how long people spent reading Instant Articles and how many people interacted with businesses' Facebook Pages. Companies and marketers rely on Facebook to tell them how well the content they post is performing, so that they can make strategic decisions about what to do next and how much to invest through advertising or otherwise. To avoid future errors, the company said it's establishing a measurement council made up of top advertisers and partners. Facebook will also allow more third party measurement companies such as Nielsen to track and supplement its metrics. Additionally, Facebook is revising the descriptions for its data to explain exactly what they measure, for example reporting "3-second video views" instead of just "video views."
Movies

More Code In Movies: Nmap Meets Snowden (nmap.org) 73

After Saturday's story about the code samples in the new movie Arrival, an anonymous reader reminded us of this classic essay at Nmap.org: For reasons unknown, Hollywood has decided that Nmap is the tool to show whenever hacking scenes are needed... While Nmap had been used in some previous obscure movies, it was The Matrix Reloaded which really turned Nmap into a movie star!
Nmap.org has a tradition -- the first person to notify them when new Nmap appears in a new movie wins a signed copy of Nmap Network Scanning "or a T-shirt of your choice from the Zero Day Clothing Nmap Store." (The site adds that "movie script writers, artists, and digital asset managers are also welcome to email Fyodor for advice.") And Nmap.org just added another film, Oliver Stone's new movie about Edward Snowden. In one early scene, Snowden is given a network security challenge at a CIA training class which is expected to take 5 to 8 hours. But with the help Nmap and a custom Nmap NSE script named ptest.nse, Snowden stuns the professor by completing everything in 38 minutes!
According to the site, even the movie's trailer features Nmap. Anybody else have their own favorite stories about code in the movies?
Networking

Ethernet Consortia Wants To Unlock a More Time-Sensitive Network (networkworld.com) 110

Does Ethernet need new features like "stream reservation" and time synchronization to make sure time-sensitive data isn't delayed on the network? coondoggie quotes Network World: The demand from Internet of Things, automotive networking and video applications are driving changes to Ethernet technology that will make it more time-sensitive. Key to those changes are a number of developing standards but also a push this week from the University of New Hampshire InterOperability Laboratory to set up three new industry specific Ethernet Time-Sensitive Networking consortiums -- Automotive Networking, Industrial Networking, and ProAV Networking aimed at developing deterministic performance within standard Ethernet for real-time, mission critical applications. "Standards-based precise time, guaranteed bandwidth, and guaranteed worst-case latency in a converged Ethernet network is a game-changer to many industries," said Bob Noseworthy, Chief Engineer, UNH-IOL.
The article also acknowledges the work of the Avnu Alliance, which is also trying to build an ecosystem of "low-latency, time-synchronized, highly reliable synchronized networked devices using open standards through certification."
Security

OWASP ModSecurity Core Rule Set Version 3.0 Released (modsecurity.org) 17

Need a new set of generic attack detection rules for your web application firewall? Try the new OWASP ModSecurity Core Rule Set version 3.0.0! Long-time Slashdot reader dune73 writes: The OWASP CRS is a widely-used Open Source set of generic rules designed to protect users against threats like the OWASP Top 10. The rule set is most often deployed in conjunction with an existing Web Application Firewall like ModSecurity. Four years in the making, this release comes with dozens of new features including reduced false positives (by over 90% in the default setup), improved detection of SQLi, XSS, RCE and PHP injections, the introduction of a Paranoia Mode which allows assigning a certain security level to a site, and better documentation that takes the pain out of ModSecurity.
There's rumors this new rule set is even being made into a movie

Slashdot Top Deals