Security

Equifax Has Been Sending Consumers To a Fake Phishing Site for Almost Two Weeks (gizmodo.com) 55

An anonymous reader shares a Gizmodo report (condensed for space): For nearly two weeks, the company's official Twitter account has been directing users to a fake lookalike website. After announcing the breach, Equifax directed its customers to equifaxsecurity2017.com, a website where they can enroll in identity theft protection services and find updates about how Equifax is handing the "cybersecurity incident." But the decision to create "equifaxsecurity2017" in the first place was monumentally stupid. The URL is long and it doesn't look very official -- that means it's going to be very easy to emulate. To illustrate how idiotic Equifax's decision was, developer Nick Sweeting created a fake website of his own: securityequifax2017.com. (He simply switched the words "security" and "equifax" around.) As if to demonstrate Sweeting's point, Equifax appears to have been itself duped by the fake URL. The company has directed users to Sweeting's fake site sporadically over the past two weeks. Gizmodo found eight tweets containing the fake URL dating back to September 9th.
Twitter

Twitter Suspends 300,000 Accounts Tied To Terrorism In 2017 (bloomberg.com) 68

According to a new transparency report, Twitter said it suspended nearly 300,000 accounts globally linked to terrorism in the first half of the year. The company is improving automation tools used to help block accounts that promote terrorism and violence. Bloomberg reports: Of [the nearly 300,000 accounts that were suspended], roughly 95 percent were identified by the company's spam-fighting automation tools. Meanwhile, the social network said government data requests continued to increase, and that it provided authorities with data on roughly 3,900 accounts from January to June. Twitter said about 75 percent of the blocked accounts this year were spotted before a single tweet was sent, and that 935,897 accounts had been suspended since August 2015, with two-thirds of those coming in the past year. American authorities made 2,111 requests from Twitter from January to June, the most of the 83 countries tracked by the company. Twitter supplied information on users in 77 percent of the inquiries. Japan made 1,384 requests and the U.K. issued 606 requests. Turkish authorities continued a trend of aggressively policing Twitter, making 554 requests for account data and issuing court orders to remove 715 pieces of content. Other governments made only 38 total content-removal requests.
AI

Google's AI Boss Blasts Musk's Scare Tactics on Machine Takeover (bloomberg.com) 125

Mark Bergen, writing for Bloomberg: Elon Musk is the most-famous Cassandra of artificial intelligence. The Tesla chief routinely drums up the technology's risks in public and on Twitter, where he recently called the global race to develop AI the "most likely cause" of a third world war. Researchers at Google, Facebook and other AI-focused companies find this irritating. John Giannandrea, the head of search and AI at Alphabet's Google, took one of the clearest shots at Musk on Tuesday -- all while carefully leaving him unnamed. "There's a huge amount of unwarranted hype around AI right now," Giannandrea said at the TechCrunch Disrupt conference in San Francisco. "This leap into, 'Somebody is going to produce a superhuman intelligence and then there's going to be all these ethical issues' is unwarranted and borderline irresponsible."
Bitcoin

Ethereum Will Match Visa In Scale In a 'Couple of Years,' Says Founder (techcrunch.com) 110

Ethereum's founder, Vitalik Buterin, believes that his cryptocurrency has the potential to replace things like credit card networks and gaming servers. He even goes as far to say that Ethereum will replace Visa in "a couple of years," though he later clarified that "ethereum *will have Visa-scale tx capacity*, not that it will 'replace Visa.'" TechCrunch reports: "There's the average person who's already heard of bitcoin and the average person who hasn't," he said. His project itself builds upon that notion by adding more utility to the blockchain, thereby creating something everyone will want to hear about. "Where Ethereum comes from is basically you take the idea of crypto economics and the kinds of economic incentives that keeps things like bitcoin going to create decentralized networks with memory for a whole bunch of applications," he said. "A good blockchain application is something that needs decentralization and some kind of shared memory." That's what he's building and hopes others will build on the Ethereum network.

Right now the network is a bit too slow for most mainstream applications. "Bitcoin is processing a bit less than 3 transactions per second," he said. "Ethereum is doing five a second. Uber gives 12 rides a second. It will take a couple of years for the blockchain to replace Visa." Buterin doesn't think everything should run on the blockchain but many things can. As the technology expands it can grow to replace many services that require parallelization -- that is programs that should run at the same time.

Communications

T-Mobile To Increase Deprioritization Threshold To 50GB This Week (tmonews.com) 66

After raising its deprioritization threshold to 32GB in May, it looks like T-Mobile will bump it up to 50GB on September 20th, according to a TmoNews source. The move will widen the gap between T-Mobile and its competition. For comparison, Sprint's deprioritization threshold is currently 23GB, while AT&T and Verizon's are both 22GB. TmoNews reports: It's said that this 50GB threshold won't change every quarter and no longer involves a specific percentage of data users. As with the current 32GB threshold, customers that exceed this new 50GB deprioritization threshold in a single month may experience reduced speeds in areas where the network is congested. T-Mobile hasn't issued an announcement regarding this news, but the official @TMobileHelp account recently tweeted "Starting 9/20, the limit will be increased!" in response to a question about this news.
Linux

Linux Foundation President Used MacOS For Presentation at Open Source Summit (itsfoss.com) 280

Slashdot reader mschaffer writes:It appears that Jim Zemlin, President of the Linux Foundation, was using MacOS while declaring "2017 is officially the year of the Linux desktop!" at the Open Source Summit 2017. This was observed by several YouTube channels: Switched to Linux and The Lunduke Show. Finally it was reported by It's FOSS.

if, indeed, this is the year of desktop Linux, why oh why cannot people like Zemlin present a simple slide presentation -- let alone actually use a Linux distro for work.

A security developer at Google has now "spotted Jim Zemlin using Apple's macOS twice in last four years," according to the article, which complains the Foundation's admirable efforts on cloud/container technology has them neglecting Linux on the desktop.

Ironically, in March Zemlin told a cloud conference that organizations that "don't harvest the shared innovation" of open source "will fail."
Businesses

'Bodega' CEO Apologizes, Insists They'll Create More Jobs (cnn.com) 155

Remember those two ex-Googlers who started a company to replace mom-and-pop corner stores with automated vending kiosks? An anonymous reader writes: The company's CEO has now "apologized in the face of mounting outrage," according to CNN. CEO Paul McDonald had shared a vision with Fast Company of a world where centralized shopping locations "won't be necessary" because there'll be a tiny automated one every 100 feet. Within hours McDonald was writing a new apologetic essay insisting he's not trying to replace corner stores, which carry more items and include a human staff who "offer an integral human connection to their patrons that our automated storefronts never will." In fact, he added that "Rather than take away jobs, we hope Bodega will help create them. We see a future where anyone can own and operate a Bodega -- delivering relevant items and a great retail experience to places no corner store would ever open." Promising to review criticism, he added his hope was to "bring a useful, new retail experience to places where commerce currently doesn't exist."
Bodega's CEO sees it as a way to beat Amazon by offering immediate access to popular products, and TechCrunch reports the company has already raised $2.5 million, while Fast Company notes "angel" investments from executives at Facebook, Twitter, Google, and Dropbox.

The company has already begun testing 30 Bodega boxes over the last ten months, and unveiled 50 more boxes last week, with hopes to have over 1,000 by the end of next year.
Youtube

PewDiePie Is Inexcusable But DMCA Takedowns Are Not the Way To Fight Him (vice.com) 503

An anonymous reader quotes a report from Motherboard: Felix Kjellberg, better known as PewDiePie, is the most popular YouTuber in the world. He's gotten himself into another controversy, this time for shouting the n-word while livestreaming a video game. The 27-year-old Swede has repeatedly been criticized for hate speech, and just last month said he would no longer make Nazi jokes after a white supremacist rally in Charlottesville, Virginia turned violent. But while playing PlayerUnknown's Battlegrounds on Sunday, Kjellberg, who has over 57 million subscribers on YouTube, called another player the n-word before erupting into laughter. "What a fucking n****r," he said. "Jeez, oh my god. What the fuck? Sorry, but what the fuck? What a fucking asshole. I don't mean that in a bad way." Kjellberg did not immediately respond to a request for comment, and has yet to publicly acknowledge the incident.

In response to Kjellberg's use of a racial slur, a number of video game players and developers have condemned the creator. Sean Vanaman, the co-founder of video game company Campo Santo, decided to use copyright law to push back against Kjellberg. On Twitter, he said he was filing a Digital Millennium Copyright Act (DMCA) takedown request against the famous YouTuber regarding a video in which Kjellberg plays Campo Santo's game Firewatch. There are compelling reasons to [remove hate speech from major internet platforms] by any means necessary, but DMCA overreach is among the least compelling options, considering that it unilaterally puts power into the hands of what are essentially uninvolved parties and allows for little arbitration or defense on the part of those who have their content removed.

Security

Warning: 'MetalKettle' Repository For Kodi Becomes Vulnerable After GitHub Takeover (betanews.com) 28

BrianFagioli shares a report from BetaNews: Unfortunately, there can apparently be security issues with repositories when they shut down. For example, when the metalkettle repo ended, the developer deleted its entry on GitHub. This in itself is not a cause for concern, but unfortunately, GitHub's allowance of project names to be recycled is. You see, someone re-registered the metalkettle name, making it possible for nefarious people to potentially serve up malware to Kodi users. The warning came from the metalkettle developer over on Twitter. He warns that devices with the repository installed could be in danger from a security standpoint. If a user was to search that repo, and the new owner of the GitHub name was to share malware, the user could assume it is safe and install it. We do not know 100 percent if the person that re-registered the metalkettle name on GitHub is planning anything evil, but it is better to be safe than sorry. If you still have the repository installed, you should remove it immediately. Not to mention, if you know someone using Kodi, such as a friend or family member, you should warn them too.
AI

South Park's Season Premier Sets Off Everyone's Amazon Echo (maxim.com) 290

SonicSpike writes: It's hard to believe that Trey Parker and Matt Stone didn't know exactly what they were doing with Wednesday night's season premiere of South Park. This episode marked the beginning of the show's 21st season and as usual, South Park took on current issues like tiki torch-wielding white supremacists and... home digital assistants. The latter meant lots of gags in which Cartman and other characters addressed Amazon Echo's Alexa and Google Home as well. And that ended up being a problem for viewers who own those devices. (Editor's note: example 1, 2) South Park writers absolutely knew their lines would do this and probably had a hilarious time coming up with funny commands for the home assistants.
Businesses

Union Power Is Putting Pressure on Silicon Valley's Tech Giants (bloomberg.com) 116

An anonymous reader writes: Organized labor doesn't rack up a lot of wins these days, and Silicon Valley isn't most people's idea of a union hotbed. Nonetheless, in the past three years unions have organized 5,000 people who work on Valley campuses. Among others, they've unionized shuttle drivers at Apple, Tesla, Twitter, LinkedIn, EBay, Salesforce.com, Yahoo!, Cisco, and Facebook; security guards at Adobe, IBM, Cisco, and Facebook; and cafeteria workers at Cisco, Intel, and, earlier this summer, Facebook. The workers aren't technically employed by any of those companies. Like many businesses, Valley giants hire contractors that typically offer much less in the way of pay and benefits than the tech companies' direct employees get. Among other things, such arrangements help companies distance themselves from the way their cafeteria workers and security guards are treated, because somebody else is cutting the checks. Silicon Valley Rising, a coalition of unions and civil rights, community, and clergy groups heading the organizing campaign, says its successes have come largely from puncturing that veneer of plausible deniability. That means directing political pressure, media scrutiny, and protests toward the tech companies themselves. "Everybody knows that the contractors will do what the tech companies say, so we're focused on the big guys," says Ben Field, a co-founder of the coalition who heads the AFL-CIO's South Bay Labor Council. Labor leaders say their efforts have gotten some tech companies to cut ties with an anti-union contractor, intervene with others to ease unionization drives, and subsidize better pay for contract workers. "If you want to get people to buy your product, you don't want them to feel that buying your product is contributing to the evils of the world," says Silicon Valley Rising co-founder Derecka Mehrens, who directs Working Partnerships USA, a California nonprofit that advocates for workers. Tech companies have been image-conscious and closely watched of late, she says, and the coalition is "being opportunistic."
EU

EU Set To Demand Internet Firms Act Faster To Remove Illegal Content (reuters.com) 60

Companies including Google, Facebook and Twitter could face European Union laws forcing them to be more proactive in removing illegal content if they do not do more to police what is available on the Internet. From a report: The European Union executive outlines in draft guidelines reviewed by Reuters how Internet firms should step up efforts with measures such as establishing trusted flaggers and taking voluntary measures to detect and remove illegal content. Proliferating illegal content, whether because it infringes copyright or incites terrorism, has sparked heated debate in Europe between those who want online platforms to do more to tackle it and those who fear it could impinge on free speech. The companies have significantly stepped up efforts to tackle the problem of late, agreeing to an EU code of conduct to remove hate speech within 24 hours and forming a global working group to combine their efforts remove terrorist content from their platforms.
Facebook

Why RSS Still Beats Facebook and Twitter for Tracking News (gizmodo.com) 108

An anonymous reader shares a report: One of the main reasons RSS is so beloved of news gatherers is that it catches everything a site publishes -- not just the articles that have proved popular with other users, not just the articles from today, not just the articles that happened to be tweeted out while you were actually staring at Twitter. Everything. In our age of information overload that might seem like a bad idea, but RSS also cuts out everything you don't want to hear about. You're in full control of what's in your feed and what isn't, so you don't get friends and colleagues throwing links into your feeds that you've got no interest in reading. Perhaps most importantly, you don't need to be constantly online and constantly refreshing your feeds to make sure you don't miss anything. It's like putting a recording schedule in place for the shows you know you definitely want to catch rather than flicking through the channels hoping you land on something interesting. There's no rush with RSS -- you don't miss out on a day's worth of news, or TV recaps, or game reviews if you're offline for 24 hours. It's all waiting for you when you get back. And if you're on holiday and the unread article count starts to get scarily high, just hit the mark all as read button and you're back to a clean slate.
Earth

Uber Gives Free Rides to Shelters During Hurricane Irma (bloomberg.com) 38

One million households lost power in Florida, and at least three people died, after Hurricane Irma made landfall Sunday morning. Bloomberg reports how Uber tried to help: Uber Technologies Inc. is offering free rides to shelters near Tampa as Hurricane Irma barrels toward the Florida mainland. The City of Tampa's Office of Emergency Management publicized the free rides on its Twitter feed, @AlertTampa, and mobile news alert service. Uber's offer helps serve a vital need for transportation, as Tampa Bay area residents got late notice that the monster storm that changed track on Saturday and was heading their way. It also provided a chance for the company to burnish an image... Uber has also been criticized for using its so-called surge pricing in times of crisis.
Iphone

Leaks Reveal New Features In Apple's Next iPhone 224

Though Apple officially unveils their newest iPhone on Tuesday, information is already leaking on the internet.
  • Mashable: "Physically, it's expected to be about the same size as an iPhone 7, but with an edge-to-edge OLED display that's bigger than what is currently on the iPhone 7 Plus. It won't have a home button or Touch ID, and will likely use some kind of facial recognition tech to unlock."
  • MacRumors cites a report from KGI Securities analyst Ming-Chi Kuo suggesting facial recognition may just be one feature of a complex front camera with 3D sensing hardware, including a proximity sensor, ambient light sensor, and a structured light transmitter (using a surface-emitting laser) and receiver.
  • Fortune: "Apple's iPhone line is expected to catch up with Android phones in the area of wireless charging this year... just lay the phone down on a compatible charger mat or base or dock, and watch the battery fill up."
  • 9to5Mac: "We've found a brand new feature called 'Animoji', which uses the 3D face sensors to create custom 3D animated emoji based on the expressions you make into the camera. Users will be able to make Animoji of unicorns, robots, pigs, pile of poo and many more."
Privacy

TechCrunch: Equifax Hack-Checking Web Site Is Returning Random Results (techcrunch.com) 176

An anonymous reader quotes security researcher Brian Krebs: The web site that Equifax advertised as the place where concerned Americans could go to find out whether they were impacted by this breach -- equifaxsecurity2017.com -- is completely broken at best, and little more than a stalling tactic or sham at worst. In the early hours after the breach announcement, the site was being flagged by various browsers as a phishing threat. In some cases, people visiting the site were told they were not affected, only to find they received a different answer when they checked the site with the same information on their mobile phones.
TechCrunch has concluded that "the checker site, hosted by Equifax product TrustID, seems to be telling people at random they may have been affected by the data breach." One user reports that entering the same information twice produced two different answers. And ZDNet's security editor reports that even if you just enter Test or 123456, "it says your data has been breached." TechCrunch writes: The assignment seems random. But, nevertheless, they were still asked to continue enrolling in TrustID. What this means is not only are none of the last names tied to your Social Security number, but there's no way to tell if you were really impacted. It's clear Equifax's goal isn't to protect the consumer or bring them vital information. It's to get you to sign up for its revenue-generating product TrustID.
Meanwhile, one web engineer claims the secret 10-digit "security freeze" PIN being issued by Equifax "is just a timestamp of when you made the freeze."
Government

Should Congress Force Social Media To Investigate Foreign Propaganda Trolls? (politico.com) 266

"I fought foreign propaganda for the FBI," writes a former special agent from its Counterintelligence Division. Now an associate dean at Yale Law School, he's warning that "the tools we had won't work anymore." An anonymous reader quotes Politico: The bureau is now faced with huge private companies, like Facebook and Twitter, which are ostensibly neutral and have no professional or ethical obligation to vet the material they distribute. Further, foreign intelligence service propaganda agents are no longer human operatives on American soil -- they are invisible "trolls," often operating from a foreign country and behind social media accounts that make them impossible for the FBI to approach directly. Or, in the case of so-called bots -- software programs designed to simulate humans -- they might not even be people at all... [S]ocial media platforms can reach an almost limitless audience, often within days or hours, more or less for free: Russia's Facebook ads alone reached between 23 million and 70 million viewers.

Without any direct way to investigate and identify the source of the private accounts that generate this "fake news," there's literally nothing the FBI can do to stop a propaganda operation that can occur on such a massive scale... But Congress could pass legislation that requires social media companies to cooperate with counterintelligence in the same ways they do with law enforcement. For example, the Communications Assistance for Law Enforcement Act requires telecommunications companies to design their digital networks in such a way that would permit wiretaps for criminal cases. Similarly, requiring social media platforms to develop ways to vet and authenticate foreign users and proactively report potential bots to the FBI would enable the FBI to identify perception management operations as they are occurring. In addition to monitoring these specific FIS-based accounts, the FBI could publicly expose the source of particular accounts, ads or news...

"At this point, we have no choice: It's clear that our current counterintelligence strategy hasn't caught up to the age of asymmetrical information warfare," the former counterintelligence agent concludes. "Until it does, we'll be silently allowing our freedoms to be manipulated...."
Social Networks

Why It's So Hard To Trust Facebook (cnn.com) 139

Brian Stelter, writing for CNN: Why won't Facebook show the public the propagandistic ads that a so-called Russian troll farm bought last year to target American voters? That lack of transparency is troubling to many observers. "Show us the ads Zuck!" Silicon Valley entrepreneur Jason Calacanis wrote on Twitter when The Washington Post reported on the surreptitious ad buys on Wednesday. Calacanis said Facebook was "profiting off fake news," echoing a widely held criticism of the social network. It was only the latest example of Facebook's credibility problem. For a business based on the concept of friendship, it's proving to be a hard company to trust. On the business side, Facebook's metrics for advertisers have been error-prone, to say the least. Analysts and reporters have repeatedly uncovered evidence of faulty data and measurement mistakes. Facebook's opaqueness has also engendered mistrust in the political arena. Conservative activists have accused the company of censoring right-wing voices and stories. Liberal activists have raised alarms about its exploitation of personal information to target ads. And the news business is worried about the spread of bogus stories and hoaxes on the site. Some critics have even taken to calling Facebook a "surveillance company," seeking to reframe the business the social network is in -- not networking but ad targeting based on monitoring of users. Over at The Verge, Casey Newton documents inconsistencies in Facebook's public remarks over its role in the outcome of the presidential election last year. Newton says Facebook's shifting Russian ads stories and unwillingness to disclose information citing laws (which seem to imply otherwise) are damaging its credibility.
Technology

VR's Tough Demand: Your Undivided Attention (axios.com) 115

Ina Fried, writing for Axios: If you want to know why virtual reality hasn't taken off, you might want to blame our addiction to smartphones. Why? While the power of VR is to be transported into an immersive experience, consumers will demand a lot out of something that makes them give up Twitter and Facebook, even for a few minutes. One perspective: "It has to be a really compelling reason to get you to give up all that," Shauna Heller, a former Oculus worker who now consults on VR projects, said Thursday at the Mobile Future Forward conference near Seattle. "There aren't just a ton of those reasons just yet."
Social Networks

67% of Americans Use Social Media To Get Some of their News 71

Shan Wang, writing for Neiman Lab: Sixty-seven percent of Americans report getting some of their news via social media at some point, according to a Pew Research survey of just under 5,000 U.S. adults conducted last month and published Thursday. That overall percentage is only up slightly from 62 percent in 2016, in the run-up to the November election. But among specific demographics, using social media for news has increased: 74 percent of non-white U.S. adults now get news from social media, up from 64 percent of that group who got news that way in 2016. Fifty-five percent of Americans 50 and older say the have gotten news from social media, up from 45 percent (older people are also driving the increasing percentage of people who get news via mobile). Facebook is still the dominant social media source for news. But when Pew looked at the percentage of users on each social media platform who were using it for news, it was Twitter, Snapchat, and YouTube that saw increases (remember that user bases are vastly different sizes, from YouTube to Facebook to Tumblr to Twitter):

Slashdot Top Deals