Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Networking

Researcher Find D-Link DWR-932 Router Is 'Chock Full of Holes' (helpnetsecurity.com) 18

Reader JustAnotherOldGuy writes: Security researcher Pierre Kim has unearthed a bucketload of vulnerabilities in the LTE router/portable wireless hotspot D-Link DWR-932. Kim found the latest available firmware has these vulnerabilities: Two backdoor accounts with easy-to-guess passwords that can be used to bypass the HTTP authentication used to manage the router
-A default, hardcoded Wi-Fi Protected Setup (WPS) PIN, as well as a weak WPS PIN generation algorithm
- Multiple vulnerabilities in the HTTP daemon
- Hardcoded remote Firmware Over The Air credentials
- Lowered security in Universal Plug and Play, and more.
"At best, the vulnerabilities are due to incompetence; at worst, it is a deliberate act of security sabotage from the vendor," says Kim, and advises users to stop using the device until adequate fixes are provided.

Facebook

Facebook at Work To Report For Duty Next Month (fortune.com) 74

The debut of the long-awaited business social network is nigh. Facebook at Work is about to report for duty. The social networking company's long-awaited foray into business applications will formally debut in London on October 10, according to tech site TechCrunch. From a report:The news site further noted this would be Facebook's first major product launch to take place outside the United States. Thus far, Facebook is seen as a fun-and-games site, not something corporate employees use to converse or track each other. But Facebook at Work, a business-minded operation, could help change that image. As has been reported, it will be a separate version of the network that can be accessed only from a company's internal IT systems, and in theory, subject to stricter corporate security and access rules. Personal accounts will be cordoned off.
Communications

Anti-Defamation League Declares Pepe the Frog a Hate Symbol (time.com) 391

An anonymous reader quotes a report from TIME: The Anti-Defamation League (ADL) has declared a popular internet meme depicting a cartoon frog to be a hate symbol. Pepe the Frog's beginnings were unoffensive: he is the creation of comic book creator Matt Furie, who featured the frog as a character in the series Boy's Club beginning in 2005. The character subsequently became a beloved meme, often called the "sad frog meme" and shared with a speech bubble reading "Feels good man" or "Feels bad man." But recently, as the Daily Beast reported in May, the character has been co-opted by a faction of Internet denizens who decided to reclaim it from the mainstream, and began sharing it in anti-Semitic contexts. "Images of the frog, variously portrayed with a Hitler-like mustache, wearing a yarmulke or a Klan hood, have proliferated in recent weeks in hateful messages aimed at Jewish and other users on Twitter," the ADL wrote in a statement. "Once again, racists and haters have taken a popular Internet meme and twisted it for their own purposes of spreading bigotry and harassing users," wrote ADL CEO Jonathan A. Greenblatt.
Network

IEEE Sets New Ethernet Standard That Brings 5X the Speed Without Cable Ripping (networkworld.com) 154

Reader coondoggie writes: As expected the IEEE has ratified a new Ethernet specification -- IEEE P802.3bz -- that defines 2.5GBASE-T and 5GBASE-T, boosting the current top speed of traditional Ethernet five-times without requiring the tearing out of current cabling. The Ethernet Alliance wrote that the IEEE 802.3bz Standard for Ethernet Amendment sets Media Access Control Parameters, Physical Layers and Management Parameters for 2.5G and 5Gbps Operation lets access layer bandwidth evolve incrementally beyond 1Gbps, it will help address emerging needs in a variety of settings and applications, including enterprise, wireless networks. Indeed, the wireless component may be the most significant implication of the standard as 2.5G and 5G Ethernet will allow connectivity to 802.11ac Wave 2 Access Points, considered by many to be the real driving force behind bringing up the speed of traditional NBase-T products.
Space

Cisco Blamed A Router Bug On 'Cosmic Radiation' (networkworld.com) 144

Network World's news editor contacted Slashdot with this report: A Cisco bug report addressing "partial data traffic loss" on the company's ASR 9000 Series routers contended that a "possible trigger is cosmic radiation causing SEU [single-event upset] soft errors." Not everyone is buying: "It IS possible for bits to be flipped in memory by stray background radiation. However it's mostly impossible to detect the reason as to WHERE or WHEN this happens," writes a Redditor identifying himself as a former [technical assistance center] engineer...
"While we can't speak to this particular case," Cisco wrote in a follow-up, "Cisco has conducted extensive research, dating back to 2001, on the effects cosmic radiation can have on our service provider networking hardware, system architectures and software designs. Despite being rare, as electronics operate at faster speeds and the density of silicon chips increases, it becomes more likely that a stray bit of energy could cause problems that affect the performance of a router or switch."

Friday a commenter claiming to be Xander Thuijs, Cisco's principal engineer on the ASR 9000 router, posted below the article, "apologies for the detail provided and the 'concept' of cosmic radiation. This is not the type of explanation I would like to see presented to the respected users of our products. We have made some updates to the DDTS [defect-tracking report] in question with a more substantial data and explanation. The issue is something that we can likely address with an FPD update on the 2x100 or 1x100G Typhoon-based linecard."
Network

Reddit Brings Down North Korea's Entire Internet (mirror.co.uk) 137

After a North Korean system administrator misconfigured its nameserver allowing anyone to query it and get the list of the domains that exist for .kp, it was revealed that the secretive country only has 28 websites. That's 28 websites for a country with nearly 25 million people. Naturally, the story was published all across the web, including on Reddit, which resulted in a high number of users visiting North Korea's websites. Mirror.co.uk reports: When a list of North Korea's available websites was posted on Reddit, the surge of visitors to the reclusive state's online offering overloaded the servers. North Korea runs a completely locked-down version of the internet that consists of only 28 "websites" that the population is allowed to view. However, a technical slip-up allowed a GitHub user to work their way into the country's computer network and view the websites from the outside. As the GitHub user puts it: "One of North Korea's top level name servers was accidentally configured to allow global [Domain Name System] transfers. This allows anyone who performs [a zone transfer request] to the country's ns2.kptc.kp name server to get a copy of the nation's top level DNS data." Pretty soon, links to all the websites were posted on Reddit, where thousands of visitors took the opportunity to see what the web looks like from Pyongyang. Reddit's surge of traffic isn't the first time North Korea's internet has been knocked out. In 2014, the country suffered a distributed denial of service (DDoS) attack that was believed to have originated from the U.S. Redditor BaconBakin points out that while North Korea has 28 websites, GTA V has 83 websites. They added, "I think it's safe to say that San Andreas is more technologically advanced than North Korea."
Communications

Quantum Teleportation Achieved Over 7km of Cable (sciencealert.com) 189

An anonymous reader quotes a report from ScienceAlert: Quantum teleportation just moved out of the lab and into the real world, with two independent teams of scientists successfully sending quantum information across several kilometers of optical fiber networks in Calgary, Canada, and Hefei, China. Quantum teleportation relies on a strange phenomenon called quantum entanglement. Basically, quantum entanglement means that two particles are inextricably linked, so that measuring the state of one immediately affects the state of the other, no matter how far apart the two are -- which led Einstein to call entanglement "spooky action at a distance." In the latest experiments, both published in Nature Photonics (here and here), the teams had slightly different set-ups and results. But what they both had in common is the fact that they teleported their information across existing optical fiber networks -- which is important if we ever want to build useable quantum communication systems. To understand the experiments, Anil Ananthaswamy over at New Scientist nicely breaks it down like this: picture three people involved -- Alice, Bob, and Charlie. Alice and Bob want to share cryptographic keys, and to do that, they need Charlie's help. Alice sends a particle to Charlie, while Bob entangles two particles and sends just one of them to Charlie. Charlie then measures the two particles he's received from each of them, so that they can no longer be differentiated -- and that results in the quantum state of Alice's particle being transferred to Bob's entangled particle. So basically, the quantum state of Alice's particle eventually ends up in Bob's particle, via a way station in the form of Charlie. The Canadian experiment followed this same process, and was able to send quantum information over 6.2 km of Calgary's fiber optic network that's not regularly in use.
Google

Google Launches 'Google Trips' Personalized Travel Planner (techcrunch.com) 38

Google has an app for just about everything. Their latest application, called Google Trips, aims to help you better plan your vacations and other travels. TechCrunch reports: Called Google Trips, the iOS and Android app pulls in a combination of data from Google Maps and crowdsourced contributions from other travels, in order to offer a personalized travel guide that helps you keep track of your day trips, reservations, points of interest, tourist attractions, restaurants and more. The home screen includes a search box with a prompt "where do you want to go?" for planning new trips, and other cards let you keep track of your current and upcoming vacations and plans. What's helpful is that each city you plan to visit during one of your trips can each have its own tab within the larger "Trip" section, and with a simple toggle switch, you can download all the information about that destination for offline access. Meanwhile, on each city's screen, a variety of colorful cards help you jump into various sections like "Saved places," "Day Plans," "Food and Drink," "Getting around," "Things to do," "Reservations," and more. Google says Trips can show you the most popular day plans and itineraries for the top 200 cities worldwide. This information is actually based on historic visit data from other travelers, which Google has then assembled into lists that include the most popular sights and attractions. In addition to sightseeing, the app can also track flight, hotel, car and restaurant reservations, which makes the app something of a competitor to Concur's TripIt, and, to some extend, the new territory Airbnb is carving out with its own forthcoming Airbnb Trips app, which will focus on travel services. However, what makes Google Trips compelling is that it leverages Google's ability to tap into the data you have stored in your Gmail, as it automatically gathers your reservations from your email and organizes them into trips on your behalf. Google Trips is live now on Android and iOS.
Government

'Government Abuse' of the Internet Makes Some People More Equal Than Others, Says Study (washingtonpost.com) 39

An anonymous reader quotes a report from Washington Post: When the Arab Spring spread across the Middle East and North Africa, the internet was considered to have been one of the main facilitators of the revolutions, and while the Arab Spring has since become a source of frustration to many of those who fought for it, the assumption that the internet will facilitate future uprisings has rarely been questioned. A new study, however, now raises doubts about to what extent the internet plays a role in fostering democracy. In fact, it may make some people more equal than others. To voice discontent online, groups first need access to the internet, but too often, that is precisely what they lack, according to the report which was published by the academic journal Science. Those findings could force Western governments and nongovernmental organizations engaged in pro-democracy initiatives to rethink how they spread their message. Comparing the accessibility of internet in certain regions and taking into account the existence of minority communities, the authors found "a strong and persistent political bias in the allocation of internet coverage across ethnic groups worldwide [...] an effect that cannot be explained by economic or geographic factors." Around 500 minority groups worldwide were included in the study, with consistent findings of what the authors called "digital discrimination." The 10 worst-affected minorities mostly come from Russia and Malaysia, said researcher Nils B. Weidmann.
Communications

YouTube Gets Its Own Social Network With Launch of YouTube Community (techcrunch.com) 73

The earlier reports were right when they said YouTube was working on launching its own social networking service for content creators. Instead of the "YouTube Backstage" branding, YouTube has decided to call their social networking service "YouTube Community," which allows content creators to use text, GIFs, and images to better engage viewers. Given the controversy surrounding YouTube in regard to demonetizing videos that are not deemed "friendly to advertisers," many YouTube creators have been or are thinking about leaving the site and joining competing services. These new tools are designed to help keep creators from departing to competing platforms. TechCrunch reports: YouTube has been testing the new service over the past several months with a handful of creators in order to gain feedback. It's launching the service into public beta with this group of early testers, and will make it available to a wider group of creators in the "month's ahead," it says. Access to this expanded feature set is made available to the creators and their viewers by way of a new "Community" tab on their channels. From here, creators can share things like text posts, images, GIFs and other content, which the audience can thumbs up and down, like the videos themselves, as well as comment on. Viewers will see these posts in their "Subscriptions" feed in the YouTube mobile application, and can also choose to receive push notifications on these posts from their favorite creators, YouTube says." Only time will tell whether or not this new move will be better received than YouTube's Google+ integration...
Open Source

Linux Kernel 3.14 Series Has Reached End of Life (softpedia.com) 99

Slashdot reader prisoninmate quotes an article on Softpedia: it looks like the Linux kernel maintainers decided that there's no need to maintain the Linux kernel 3.14 LTS series anymore, so earlier today, September 11, 2016, they decided to release that last maintenance update, version 3.14.79, and mark the series as EOL (End of Life). Famous Linux kernel maintainer Greg Kroah-Hartman was the one to make the big announcement, and he's urging users who want to still run a long-term supported kernel version to move to the Linux 4.4 LTS series, which is currently the most advanced LTS branch, or use the latest stable release, Linux kernel 4.7.3...

Linux kernel 3.14.79 is a very small update that changes a total of 12 files, with 45 insertions and 17 deletions, thus fixing a bug in the EXT4 file system, a networking issue related to the Reliable Datagram Sockets (RDS) protocol, and updating a few HID, s390, SCSI, networking drivers.

Education

University of California's Outsourcing Is Wrong, Says US Lawmaker (computerworld.com) 338

Earlier this week, University of California hired India-based IT company HCL to outsource some of its work offshore. As part of the announcement, it announced that it was laying off 17 percent of UCSF's total IT staff. The U.S. lawmaker, Rep. Zoe Lofgren (D-Calif) and the IEEE-USA find the outsourcing job "wrong." dcblogs writes: A decision by the University of California to lay off IT employees and send their jobs overseas is under fire from U.S. Rep. Zoe Lofgren (D-Calif) and the IEEE-USA. "How are they [the university] going to tell students to go into STEM fields when they are doing as much as they can to do a number on the engineers in their employment?" said U.S. Rep. Zoe Lofgren (D-Calif). Peter Eckstein, the president of the IEEE-USA, said what the university is doing "is just one more sad example of corporations, a major university system in this case, importing non-Americans to eliminate American IT jobs." The university recently informed about 80 IT workers at its San Francisco campus, including contract employees and vendor contractors, that it hired India-based HCL, under a $50 million contract, to manage infrastructure and networking-related services. The affected employees will leave their jobs in February, after they train their contractor replacements.
Businesses

HP Enterprise Reaches $8.8 Billion Deal With Micro Focus For Software Assets (reuters.com) 31

An anonymous reader quotes a report from Reuters: Hewlett Packard Enterprise Co will spin off and merge its non-core software assets with Britain's Micro Focus International Plc in a deal worth $8.8 billion, the companies said on Wednesday. The move is part of HPE Chief Executive Meg Whitman's plans to shift HPE's strategy to a few key areas such as networking, storage and technology services since the company separated last year from computer and printer maker HP Inc. The deal with Micro Focus, a multinational software company based in Newbury, United Kingdom, was announced along with HPE's latest quarterly earnings. In the third quarter, HPE reported net revenue of $12.2 billion, down 6 percent from $13.1 billion a year earlier. In the deal, HPE is sending one of the British firms it acquired back to where it started. HPE acquired part of its software portfolio through the $10.3 billion purchase of Britain's Autonomy Corp Plc in 2011. HP's $11 billion purchase of Autonomy was supposed to form the central part of the U.S. group's move into software. Other HPE assets that will be merged include software for application delivery management, big data, enterprise security, information management and governance and IT Operations management businesses.
Facebook

Instagram Is Killing Photo Maps (mashable.com) 36

Instagram is dropping the Photo Map feature from its service. The feature allowed one to see where a person took a photo. The company began removing the feature, it confirmed to Mashable. The social networking service added that it is currently focusing on removing maps on profiles of other people, but soon you (that is, if you use the service), will lose access to your own photo map as well. The company said: Photo Map was not widely used, so we've decided to remove the feature and focus on other priorities.
Security

More Passwords, Please: 98 Million Leaked From 2012 Breach Of 'Russia's Yahoo' (arstechnica.com) 23

Sean Gallagher, writing for ArsTechnica: Another major site breach from four years ago has resurfaced. Today, LeakedSource revealed that it had received a copy of a February 2012 dump of the user database of Rambler.ru, a Russian search, news, and e-mail portal site that closely mirrors the functionality of Yahoo. The dump included usernames, passwords, and ICQ instant messaging accounts for over 98 million users. And while previous breaches uncovered by LeakedSource this year had at least some encryption of passwords, the Rambler.ru database stored user passwords in plain text -- meaning that whoever breached the database instantly had access to the e-mail accounts of all of Rambler.ru's users. The breach is the latest in a series of "mega-breaches" that LeakedSource says it is processing for release. Rambler isn't the only Russian site that has been caught storing unencrpyted passwords by hackers. In June, a hacker offered for sale the entire user database of the Russian-language social networking site VK.com (formerly VKontakte) from a breach that took place in late 2012 or early 2013; that database also included unencrypted user passwords, as ZDNet's Zach Whittaker reported.
Microsoft

Microsoft Helps Develop Smart, IoT-Enabled Refrigerators (microsoft.com) 178

An anonymous Slashdot reader writes: Promising "intelligent food management" to help with shopping and meal planning, Microsoft is collaborating with household appliance manufacturer Liebherr to develop a refrigerator where stored groceries "can be monitored using internal cameras." The refrigerators will use Microsoft's object recognition technology to create a list of your groceries -- with photos -- accessible via an an Android or iOS app (or a Windows device).

"Microsoft is providing computer vision capability as part of this collaboration," says their web page, citing the deep-learning technology underlying the Microsoft Cognitive Services Computer Vision API, released in Microsoft's open source Computational Network Toolkit. "Using the deep learning algorithms contained within CNTK, Microsoft data scientists worked with Liebherr to build a new image processing system to detect specific food products present inside a Liebherr refrigerator..."

Displays

New HDMI Mode Will Allow USB-C Connections (techhive.com) 85

An anonymous Slashdot reader quotes a report from TechHive: On Friday, HDMI Licensing announced a new cable standard that connects USB-C and HDMI devices... The idea, naturally enough, is to to develop an HDMI-to-USB Type-C cable that ties together the most common cabling protocols in both the PC and consumer electronics industries, eliminating the need for an adapter or special silicon. Source devices like PCs, tablets, and smartphones will be able to output HDMI video and multi-channel audio from a USB-C port, just as they can now with DisplayPort.

"The USB Type-C connector is gaining traction in the mobile and PC markets," said HDMI Licensing, LLC president Rob Tobias. "Consumers expect to easily connect these devices to displays with a USB Type-C to HDMI cable and utilize the capabilities and features of native HDMI. This specification will also result in more source devices incorporating HDMI," which already total about 6 billion, he said.

HDMI Licensing expects to see products launching with this new technology "early next year".
Networking

Celebrating The 19th Anniversary of Nmap (phrack.org) 26

Long-time Slashdot reader collinl writes: Nmap was released 19 years ago on September 1... Seems like it has been around for ever. Was there a port scanner before Nmap?
Good question. Nmap first appeared in an article in Phrack magazine back in 1997 (which included its complete source code), although over the years its output options have expanded to include a humorous "script kiddie" format. And by 2007 the Nmap Scripting Engine was released, which in 2010 was used to generate a cool visualization showing the popularity of the top million favicons.
Social Networks

Facebook Removes Fake Article About Megyn Kelly From Trending Topics (theverge.com) 116

Less than a week after Facebook announced that it is changing the way it handles the Trending Topics section on the social networking website, a fake article about Fox News anchor Megyn Kelly was found trending on Facebook. The article, headlined "Breaking: Fox News Exposes Traitor Megyn Kelly, Kicks Her Out for Backing Hillary" comes from a conspiracy theory website, which has more than 200,000 likes on Facebook. Its Megyn Kelly story was the topic of discussion for many across the world. The article is obviously fake. The other cited source for this trending topic was an outlet called "Conservating101"

Slashdot Top Deals