Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Canada

Ashley Madison Security Protocols Violated Canada, Austrialia Privacy Laws (www.cbc.ca) 20

The Office of the Privacy Commissioner of Canada said Tuesday that the Canada-based online dating and social networking service Ashely Madison used inadequate privacy and security technology while marketing itself as a discreet and secure way for consenting adults to have affairs. CBC.ca reports: "In a report Tuesday, the privacy watchdog says the Toronto-based company violated numerous privacy laws in Canada and abroad in the era before a massive data breach exposed confidential information from their clients to hackers. The hack stole correspondence, identifying details and even credit card information from millions of the site's users. The resulting scandal cost the company about a quarter of its annual revenues from irate customers who demanded refunds and cancelled their accounts. Working with a similar agency in Australia, the privacy group says the company knew that its security protocols were lacking but didn't do enough to guard against being hacked. The company even adorned its website with the logo of a 'trusted security award' -- a claim the company admits it fabricated." The report found that "poor habits such as inadequate authentication processes and sub-par key and password management practices were rampant at the company" and that "much of the company's efforts to monitor its own security were 'focused on detecting system performance issues and unusual employee requests for decryption of sensitive user data.'" What's more is that Ashley Madison continued to store personal information of its users even after some of which had deleted or deactivated their account(s). These people then had their information included in databases published online after the hack.
Cellphones

IPv6 Achieves 50% Reach On Major US Carriers (worldipv6launch.org) 148

Long-time Slashdot reader dyork brings new from The Internet Society: IPv6 deployment hit a milestone this month related to the four major US providers (Verizon Wireless, T-Mobile USA, Sprint, AT&T): "IPv6 is the dominant protocol for traffic from those mobile networks to major IPv6-capable content providers."
A graph on their "World IPv6 Launch" site shows those carriers are now delivering close to 55% of their traffic over IPv6 to major IPv6-capable content providers -- up from just 37.59% in December. "This is really remarkable progress in the four years since World IPv6 Launch in 2012, and the growth of IPv6 deployment in 2016 is showing no signs of abating." In fact, the NTIA is now requesting feedback from organizations that have already implemented IPv6, noting that while we've used up all the 4.3 billion IPv4 addresses, IPv6 offers 340 undecillion IP addresses -- that is, 340 followed by 36 digits.
Businesses

Cisco Systems To Lay Off About 14,000 Employees, Representing 20% of Global Workforce (crn.com) 239

schwit1 writes from a report via CRN: Cisco Systems is laying off about 14,000 employees, representing nearly 20 percent of the network equipment maker's global workforce. San Jose, California-based Cisco is expected to announce the cuts within the next few weeks, the report said, as the company transitions from its hardware roots into a software-centric organization. Cisco increasingly requires "different skill sets" for the "software-defined future" than it did in the past, as it pushes to capture a higher share of the addressable market and aims to boost its margins, the CRN report said citing a source familiar with the situation. "The company's headcount as of April 20, 2016, was 73,104," reports CRN. "Cutting 14,000 employees would be the single largest layoff in Cisco's 32-year history."

UPDATE 8/17/16: Cisco has reported its fourth-quarter 2016 earnings and they have exceeded analysts' expectations.
Google

Malware That Fakes Bank Login Screens Found In Google Ads (fastcompany.com) 120

tedlistens quotes a report from Fast Company: For years, security firms have warned of keystroke logging malware that surreptitiously steals usernames and passwords on desktop and laptop computers. In the past year, a similar threat has begun to emerge on mobile devices: So-called overlay malware that impersonates login pages from popular apps and websites as users launch the apps, enticing them to enter their credentials to banking, social networking, and other services, which are then sent on to attackers. Such malware has even found its way onto Google's AdSense network, according to a report on Monday from Kaspersky Lab. The weapon would automatically download when users visited certain Russian news sites, without requiring users to click on the malicious advertisements. It then prompts users for administrative rights, which makes it harder for antivirus software or the user to remove it, and proceeds to steal credentials through fake login screens, and by intercepting, deleting, and sending text messages. The Kaspersky researchers call it "a gratuitous act of violence against Android users." "By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q," according to the company. "There you are, minding your own business, reading the news and BOOM! -- no additional clicks or following links required." The good news is that the issue has since been resolved, according to a Google spokeswoman. Fast Company provides more details about these types of attacks and how to stay safe in its report.
AI

Has The NSF Automated Coding with ExCAPE? (adtmag.com) 140

The National Science Foundation is developing a way to create working code using "automated program synthesis," a new technology called ExCAPE "that provides human operators with automated assistance.... By removing the need for would-be programmers to learn esoteric programming languages, the method has the potential to significantly expand the number of people engaged in programming in a variety of disciplines, from personalized education to robotics." Rajeev Alur, who leads a team of researchers from America's nine top computer science programs, says that currently software development "remains a tedious and error-prone activity." Slashdot reader the_insult_dog writes: While its lofty goals of broadly remaking the art of programming might not be realized, the research has already made some advances and resulted in several tools already in use in areas such as commercial software production and education...
For example, the NSF created a new tool (which they've recently patented) called NetEgg, which generates code for controlling software-defined networks, as well as Automata Tutor and AutoProf, which provide automated feedback to computer science students.
Classic Games (Games)

Hacked Hobbit Pinball Machine Joins IoT, Broadcasts Itself Over Twitch (lachniet.com) 45

Random web surfers could send a text message or even upload an image to be displayed on the back glass of Mark Lachniet's pinball machine, according to Mael517, while the machine itself webcast footage of both its playing field and backglass using Twitch. Interestingly, all the extra functionality was coded directly into the machine, according to Lachniet, who added only the webcam and an ethernet cord. The Hobbit [machine] has a whole bunch of hardware that I don't really understand and can barely fix... However, it has a computer in its guts, and this I can mostly understand.
After identifying the pinball machine's motherboard, CPU, operating system (Ubuntu) and an SQL database, Lachniet was able to backup its software, and then create his own modifications. He envisions more possibilities -- for example, the ability to announce high scores on social media accounts or allow remote servicing of the machine. Lachniet even sees the possibility of a world-wide registry of pinball game scores with each player's location overlaid on Google Maps "so you could view pinball hot spots and where the high scores were coming from," and maybe even networking machines together to allow real-time global competition."
Networking

The Rise and Fall of the Gopher Protocol (minnpost.com) 225

An anonymous reader writes: Tim Gihring at MinnPost talks to the creators of what was, briefly, the biggest thing in the internet, Gopher. Gopher, for those who don't know or have forgotten, was the original linked internet application, allowing you to change pages and servers easily, though a hierarchical menu system. It was quick, it was easy to use, and important for this day and age, it didn't have Flash.
The article remembers Tim Berners-Lee describing the idea of a worldwide web at a mid-March, 1992 meeting of the Internet Engineering Task Force, at a time when Gopher "was like the Web but more straightforward, and it was already working." Gopher became magnitudes more popular -- both MTV and the White House announced Gopher sites -- leading to GopherCons around the country. Just curious -- how many Slashdot readers today remember using Gopher?
Botnet

LinkedIn Suffers Huge Bot Attack That Steals Members' Personal Data (siliconbeat.com) 109

An anonymous reader quotes a report from SiliconBeat: Data thieves used a massive "botnet" against professional networking site LinkedIn and stole member's personal information, a new lawsuit reveals. "LinkedIn members populate their profiles with a wide range of information concerning their professional lives, including summaries (narratives about themselves), job histories, skills, interests, educational background, professional awards, photographs and other information," said the company's complaint, filed in Northern California U.S. District Court (PDF). "During periods of time since December 2015, and to this day, unknown persons and/or entities employing various automated software programs (often referred to as 'bots') have extracted and copied data from many LinkedIn pages." It is unclear to what extent LinkedIn has been able to stymie the attack. A statement from the firm's legal team suggests one avenue of penetration has been permanently closed, but does not address other means of incursion listed in the lawsuit. "Their actions have violated the trust that LinkedIn members place in the company to protect their information," the complaint said. "LinkedIn will suffer ongoing and irreparable harm to its consumer goodwill and trust, which LinkedIn has worked hard for years to earn and maintain, if the conduct continues." LinkedIn says it has more than 128 million U.S. members and more than 400 million worldwide. According to the complaint, the hackers got around six LinkedIn cybersecurity systems, and also manipulated a cloud-services company that was on the company's "whitelist" of "popular and reputable service providers, search engines and other platforms" which interact with LinkedIn under less severe security measures than other third parties. The manipulation allowed the hackers to send requests to LinkedIn servers. "This was not an attack or data breach where confidential data was stolen," LinkedIn's legal team said in a statement. "This suit is about unknown entities using automated systems to scrape and copy data that members have made available on LinkedIn, violating the law and our Terms of Service."
Bitcoin

DDoSCoin: New Crypto-Currency Rewards Users For Participating In DDoS Attacks (softpedia.com) 45

An anonymous reader writes from a report via Softpedia: "In the most innovative, weirdest, and stupidest idea of the month, two researchers from the University of Colorado Boulder and the University of Michigan have created a crypto-currency that rewards people for participating in DDoS attacks," reports Softpedia. "Called DDoSCoin, this digital currency rewards a person (the miner) for using their computer as part of a DDoS attack. Just like Bitcoin, DDoSCoin uses cryptographic data to provide a proof-of-work. In DDoSCoin's case, this proof-of-work is extracted from the TLS connection a miner establishes with the website they're supposed to attack." This means that DDoSCoin can be used only with DDoS attacks on TLS-enabled websites. Participating in DDoS attacks gives miners DDoSCoin, which can then be converted in Bitcoin or fiat currency. Furthermore, anyone can request a DDoS attack via the PAY_TO_DDOS transaction. The research paper that proposes DDoSCoin is only a theoretical exercise, and a DDoSCoin crypto-currency does not currently exist in the real world. For now.
Advertising

Facebook Rolls Out Code To Nullify Adblock Plus' Workaround (techcrunch.com) 426

An anonymous reader writes: The Wall Street Journal issued a report Tuesday that said Facebook will begin forcing ads to appear for all users of its desktop site, even if they use ad-blocking software. Adblock Plus, the most popular ad-blocking software, opposed Facebook's plan and found a workaround to Facebook's revision two days later. Now, TechCrunch is reporting that Facebook is well aware of Adblock Plus' workaround and their "plan to address the issue" is coming quick. "A source close to Facebook tells [TechCrunch] that today possibly within hours, the company will push an update to its site's code that will nullify Adblock Plus' workaround," reports TechCrunch. "Apparently it took two days for Adblock Plus to come up with the workaround, and only a fraction of that time for Facebook to disable it." An update on their site says, "A source says Facebook is now rolling out the code update that will disable Adblock Plus' workaround. It should reach all users soon."
Advertising

Man Becomes 'Accidental Millionaire' After Jet.com's Sale To Walmart (fortune.com) 43

The acquisition of Jet.com by Walmart for $3 billion in cash appears to have made the founder of IdeaDash an "accidental millionaire." Fortune reports: "Martin, who is the founder of a startup called IdeaDash, won Jet.com's nationwide marketing competition -- Jet Insider -- in early 2015. The contest offered a reward of 100,000 shares of Jet stock to the contestant who got the most people to sign up for 6-month free trial 'insider' memberships to the membership shopping site, a sort of online Costco or Sam's Club. According to his company's website, Martin took first place out of the 350,000 people who participated, getting over 8,000 people to sign up. Martin spent $18,000 on online ads, Bloomberg reports, and now has a stake in Jet that is reportedly worth millions. Although Martin told Bloomberg that he is not sure exactly what his stake is worth, Fusion reported in February 2015 that his piece could be valued between $10 million and $20 million."
Communications

Online Drug Sales Triple After Silk Road Closure, Says Report (nbcnews.com) 94

The closure of Silk Road -- a marketplace where internet users could purchase drugs and other illegal goods -- in 2013 has had little to no effect on drug sales. According to a new report from RAND, online drug sales have tripled since the site was shut down. NBC News reports: "Since then, an estimated 50 'cryptomarkets and vendor shops where vendors and buyers find each other anonymously to trade illegal drugs, new psychoactive substances, prescription drugs and other goods and services,' have emerged to fill the void, according to the report. The research, which was commissioned by the Netherlands Ministry of Security and Justice, examined data from January and found dealers in the United States had the largest market share with 35.9 percent, followed by the United Kingdom at 16.1 percent and Australia at 10.6 percent. Marijuana was the top seller in January, accounting for 33 percent of illicit drug sales online, followed by prescription medication at 19 percent and stimulants at 18 percent."
Facebook

Facebook Plans Commercial Launch of Rural WiFi in India (indiatimes.com) 19

An anonymous reader shares a report from India's Economic Times: Social networking giant Facebook is in talks with internet service providers (ISPs) to expand its Express Wi-Fi program into a commercial launch in India, having completed a pilot roll out of 125 rural public Wi-Fi hotspots in a tie-up with state-run Bharat Sanchar Nigam Ltd. Express Wi-Fi is a Mark Zuckerberg-headed Internet giant's initiative aimed at taking affordable broadband to the rural areas of the country in partnerships with internet service companies and small entrepreneurs. "Facebook is investing in the development of the connectivity ecosystem by providing techno-commercial assistance to local ISP partners and entrepreneurs," a person aware of the matter said.In a statement to Slashdot, a Facebook spokesperson said; "We are currently in the early stages of testing Express Wi-Fi with multiple local ISP partners in India." The company, however, declined to share any update on Express Wi-Fi's commercial launch in the country. It's worth noting that this is Facebook's second major attempt to capture India's market. The company's Free Basics, an initiative wherein Facebook offers its users access to select websites and services for free, was rejected by the local authority on the grounds of net neutrality. With Express Wi-Fi, the company doesn't seem to be favoring any particular service, and is making access to the entire internet available for cheap price.
Education

Positive Link Between Video Games and Academic Performance, Study Suggests (theguardian.com) 100

Here's another report reaffirming that playing online video games doesn't necessarily hinder one with their grades. According to an analysis of data from over 12,000 high school students in Australia, children who play online video games tend to do better in academic science, maths and reading tests. The study says kids who played online games almost every day scored 15 points above average in maths and reading tests and 17 points above average in science. "The analysis shows that those students who play online video games obtain higher scores on Pisa (Program for International Student Assessment -- internationally recognized tests that are administered by the Organisation for Economic Cooperation and Development (OECD)) tests, all other things being equal," said Alberto Posso, from the Royal Melbourne Institute of Technology whp analyzed the data. "When you play online games you're solving puzzles to move to the next level and that involves using some of the general knowledge and skills in maths, reading and science that you've been taught during the day." The Guardian reports: The cause of the association between game playing and academic success is not clear from the research. It is possible that children who are gifted at maths, science and reading are more likely to play online games. Alternatively, it could be that more proficient students work more efficiently, and therefore have more free time, making online gaming a marker of possible academic ability rather than something that actively boosts performance. Posso also looked at the correlation between social media use and Pisa scores. He concluded that users of sites such as Facebook and Twitter were more likely to score 4% lower on average, and the more frequent the social networking usage, the bigger the difference. 78% of the teenagers said they used social networks every day. Other studies have found a link between heavy users of social networking and a low attention span, which is also linked to poorer academic performance, but the evidence is less than conclusive.
Networking

The Dark Side of Certificate Transparency (sans.edu) 62

Slashdot reader UnderAttack writes: Certificate Transparency is a system promoted by companies like Google that requires certificate authorities to publish a log of all certificates issued. With certificate transparency, you can search these logs for any of the domains you own, to find unauthorized certificates. However, certificates are not only used for public sites. And with all certificates being published, some include host names that are not meant to be publicly known. An update of the standard is in the works to allow entities to obfuscate the host name, but until then, certificate transparency logs are a good recognizance source.
Facebook

Facebook's New Anti-Clickbait Algorithm Buries Bogus Headlines (techcrunch.com) 123

Facebook is going to make some changes to its newsfeed, again, it said on Thursday. The company is now having another go at sweeping clickbait news stories away from people's newsfeed. The move comes as the social networking giant struggles to entice many people from coming back to its service every few hours. Under the new changes to the feed algorithm, articles with headlines that "withhold or distort information" will be classified as distort. Such stories won't completely disappear, but as the company says, will appear less frequently in users' feeds. TechCrunch adds: Facebook manually classified tens of thousands of headlines with a clickbaitiness score to train the new algorithm. Now it can detect headlines like "When She Looked Under Her Couch And Saw THIS... I Was SHOCKED!"; "He Put Garlic In His Shoes And What Happens Next Is Hard To Believe"; or "The Dog Barked At The Deliveryman And His Reaction Was Priceless." The algorithm then punishes the entire Page that shared them or site they link to by making all their posts or referral links less visible. Facebook's VP of Product Management on News Feed Adam Moserri said "If you post 50 times a day and post one piece a clickbait, this shouldn't affect you. If you're a spammer and post clickbait all day this should affect you a lot."
Open Source

Israel's SolidRun Creates Open Networking Kit Inspired By Raspberry Pi (venturebeat.com) 76

Reader joshtops shares a VentureBeat report: SolidRun, a developer of electronic modules and PCs, said it is launching ClearFog Base kit, an off-the-shelf open development kit that enables do-it-yourself hardware enthusiasts to create their own telecom-grade routers. The kit is based on the Marvell Armada 38x SoC processor that runs on open source software based on OpenWrt. It lets enthusiasts build telecom-grade routers capable of Gigabit speed and embedded storage. The kit is inspired by the DIY computer kit, Raspberry Pi, which has sold a surprisingly large number of units. With OpenWrt support and several connectivity options, device makers can easily utilize the ClearFog Base within their own products to bridge a variety of network standards, like LAN, Wi-Fi, LTE, Fiber, and DSL. They can also utilize mikroBUS boards for IoT type networking standards such as ZigBee, Sub GHz, Bluetooth, and others. The $70 kit was created by Tel-Aviv, Israel-based SolidRun.
Bitcoin

Bitcoin Exchange Bitfinex Says It Was Hacked, Roughly $60M Stolen (reuters.com) 117

An anonymous reader quotes a report from Reuters: Hong Kong-based digital currency exchange Bitfinex said late on Tuesday it has suspended trading on its exchange after it discovered a security breach, according to a company statement on its website. The company said it has also suspended deposits and withdrawals of digital currencies from the exchange. "We are investigating the breach to determine what happened, but we know that some of our users have had their bitcoins stolen," the company said. "We are undertaking a review to determine which users have been affected by the breach. While we conduct this initial investigation and secure our environment, bitfinex.com will be taken down and the maintenance page will be left up." The company said it has reported the theft to law enforcement. It said it has not yet determined the value of digital currencies stolen from customer accounts. CoinDesk reports that the company confirmed roughly 120,000 BTC (more than $60 million) has been stolen via social media. "In response, bitcoin prices fell to $560.16 by 19:30 UTC, $530 by 23:30 and $480 at press time, CoinDesk USD Bitcoin Price Index (BPI) data reveals," reports CoinDesk. "This price was roughly 20% lower than the day's opening of $607.37 and 27% below the high of $658.28 reached on Saturday, July 30th, when the digital currency began pushing lower."
Bitcoin

EU Plans To Create Database of Bitcoin Users With Identities and Wallet Addresses (softpedia.com) 130

An anonymous reader writes from a report via Softpedia: "The European Commission is proposing the creation of a database that will hold information on users of virtual currencies," reports Softpedia. "The database will record data on the user's real world identity, along with all associated wallet addresses." The database will be made available to financial investigation agencies in order to track down users behind suspicious operations. The creation of this database is part of a regulatory push that the EU got rolling after the Paris November 2015 terror attacks, and which it officially put forward in February 2016, and later approved at the start of July 2016. Legally, this is an attempt to reform the Anti-Money Laundering Directive (AMLD). The current draft is available here. The current AMLD draft reads: "The report shall be accompanied, if necessary, by appropriate proposals, including, where appropriate, with respect to virtual currencies, empowerments to set-up and maintain a central database registering users' identities and wallet addresses accessible to FIUs, as well as self-declaration forms for the use of virtual currency users."
Social Networks

Twitter, a 10-Year-Old Company, Is Still Explaining What Twitter Is (theverge.com) 106

Twitter investors have long expressed their concerns about the rate at which Twitter is growing. The social networking website has seen platforms such as Instagram and Snapchat born into existence and quickly overtake it in terms of user base and engagement level. One of the reasons why Twitter hasn't grown as rapidly is because of a confusion among many -- including what we can say, Twitter itself -- about what exactly is this platform for. The Verge reports: Twitter came into our lives in 2006, and after a decade of existence, most people still have no idea what Twitter even is. Ninety percent of respondents to a Twitter-organized questionnaire say they recognize the brand, but most "didn't know or simply misunderstood" what it was for. Most people also thought having an account meant they had to tweet every day. As Twitter said in a blog post about these findings: "We realized we had some explaining and clarifying to do!" Over the years, Twitter has changed the way it acknowledges itself before people. It was once known as a social networking website, but not long ago the company marketed itself as a "news" service. Vanity Fair adds: The campaign, which launches today, is all about what's happening -- what's trending, what games are going on, what news events are breaking, what are people talking about, live, right now. A video at the center of the campaign cycles through footage of Black Lives Matters protests, athletes competing in the Olympics and a woman playing Pokemon Go, Lin-Manuel Miranda on stage at Hamilton, and Donald Trump stumping at a campaign rally. "We see it as a focus and an emphasis on what Twitter has always been about," Leslie Berland, Twitter's chief marketing officer, told The Hive. "We can see what's happening as it's happening, with all the live commentary that makes Twitter so special."

Slashdot Top Deals